block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
/*
|
|
|
|
* QEMU Block backends
|
|
|
|
*
|
2016-05-06 18:26:30 +02:00
|
|
|
* Copyright (C) 2014-2016 Red Hat, Inc.
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
*
|
|
|
|
* Authors:
|
|
|
|
* Markus Armbruster <armbru@redhat.com>,
|
|
|
|
*
|
|
|
|
* This work is licensed under the terms of the GNU LGPL, version 2.1
|
|
|
|
* or later. See the COPYING.LIB file in the top-level directory.
|
|
|
|
*/
|
|
|
|
|
2016-01-18 19:01:42 +01:00
|
|
|
#include "qemu/osdep.h"
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
#include "sysemu/block-backend.h"
|
|
|
|
#include "block/block_int.h"
|
2015-10-19 17:53:22 +02:00
|
|
|
#include "block/blockjob.h"
|
2015-10-19 17:53:24 +02:00
|
|
|
#include "block/throttle-groups.h"
|
2019-08-12 07:23:37 +02:00
|
|
|
#include "hw/qdev-core.h"
|
2014-10-07 13:59:06 +02:00
|
|
|
#include "sysemu/blockdev.h"
|
2019-08-12 07:23:59 +02:00
|
|
|
#include "sysemu/runstate.h"
|
2019-09-17 13:58:19 +02:00
|
|
|
#include "sysemu/sysemu.h"
|
|
|
|
#include "sysemu/replay.h"
|
2018-02-01 12:18:31 +01:00
|
|
|
#include "qapi/error.h"
|
2018-02-11 10:36:01 +01:00
|
|
|
#include "qapi/qapi-events-block.h"
|
2016-03-20 18:16:19 +01:00
|
|
|
#include "qemu/id.h"
|
Include qemu/main-loop.h less
In my "build everything" tree, changing qemu/main-loop.h triggers a
recompile of some 5600 out of 6600 objects (not counting tests and
objects that don't depend on qemu/osdep.h). It includes block/aio.h,
which in turn includes qemu/event_notifier.h, qemu/notify.h,
qemu/processor.h, qemu/qsp.h, qemu/queue.h, qemu/thread-posix.h,
qemu/thread.h, qemu/timer.h, and a few more.
Include qemu/main-loop.h only where it's needed. Touching it now
recompiles only some 1700 objects. For block/aio.h and
qemu/event_notifier.h, these numbers drop from 5600 to 2800. For the
others, they shrink only slightly.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190812052359.30071-21-armbru@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-08-12 07:23:50 +02:00
|
|
|
#include "qemu/main-loop.h"
|
2018-02-01 12:18:46 +01:00
|
|
|
#include "qemu/option.h"
|
2016-04-14 16:40:16 +02:00
|
|
|
#include "trace.h"
|
2017-08-15 15:07:39 +02:00
|
|
|
#include "migration/misc.h"
|
2014-10-07 13:59:25 +02:00
|
|
|
|
|
|
|
/* Number of coroutines to reserve per attached device model */
|
|
|
|
#define COROUTINE_POOL_RESERVATION 64
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
|
2016-03-08 13:47:47 +01:00
|
|
|
#define NOT_DONE 0x7fffffff /* used while emulated sync operation in progress */
|
|
|
|
|
2015-10-19 17:53:18 +02:00
|
|
|
static AioContext *blk_aiocb_get_aio_context(BlockAIOCB *acb);
|
|
|
|
|
2018-03-06 21:48:18 +01:00
|
|
|
typedef struct BlockBackendAioNotifier {
|
|
|
|
void (*attached_aio_context)(AioContext *new_context, void *opaque);
|
|
|
|
void (*detach_aio_context)(void *opaque);
|
|
|
|
void *opaque;
|
|
|
|
QLIST_ENTRY(BlockBackendAioNotifier) list;
|
|
|
|
} BlockBackendAioNotifier;
|
|
|
|
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
struct BlockBackend {
|
|
|
|
char *name;
|
|
|
|
int refcnt;
|
2016-03-08 13:47:46 +01:00
|
|
|
BdrvChild *root;
|
2019-04-25 14:25:10 +02:00
|
|
|
AioContext *ctx;
|
2014-10-07 13:59:22 +02:00
|
|
|
DriveInfo *legacy_dinfo; /* null unless created by drive_new() */
|
2016-03-16 19:54:36 +01:00
|
|
|
QTAILQ_ENTRY(BlockBackend) link; /* for block_backends */
|
2016-03-16 19:54:35 +01:00
|
|
|
QTAILQ_ENTRY(BlockBackend) monitor_link; /* for monitor_block_backends */
|
2016-03-21 11:27:04 +01:00
|
|
|
BlockBackendPublic public;
|
2014-10-07 13:59:25 +02:00
|
|
|
|
2019-01-23 09:56:01 +01:00
|
|
|
DeviceState *dev; /* attached device model, if any */
|
2014-10-07 13:59:25 +02:00
|
|
|
const BlockDevOps *dev_ops;
|
|
|
|
void *dev_opaque;
|
2015-10-19 17:53:19 +02:00
|
|
|
|
|
|
|
/* the block size for which the guest device expects atomicity */
|
|
|
|
int guest_block_size;
|
2015-10-19 17:53:21 +02:00
|
|
|
|
2015-10-19 17:53:24 +02:00
|
|
|
/* If the BDS tree is removed, some of its options are stored here (which
|
|
|
|
* can be used to restore those options in the new BDS on insert) */
|
|
|
|
BlockBackendRootState root_state;
|
|
|
|
|
2016-03-04 14:28:01 +01:00
|
|
|
bool enable_write_cache;
|
|
|
|
|
2015-10-19 17:53:21 +02:00
|
|
|
/* I/O stats (display with "info blockstats"). */
|
|
|
|
BlockAcctStats stats;
|
2015-10-19 17:53:22 +02:00
|
|
|
|
|
|
|
BlockdevOnError on_read_error, on_write_error;
|
|
|
|
bool iostatus_enabled;
|
|
|
|
BlockDeviceIoStatus iostatus;
|
2016-01-29 16:36:03 +01:00
|
|
|
|
2017-01-20 15:42:39 +01:00
|
|
|
uint64_t perm;
|
|
|
|
uint64_t shared_perm;
|
2017-04-04 17:29:03 +02:00
|
|
|
bool disable_perm;
|
2017-01-20 15:42:39 +01:00
|
|
|
|
2019-05-06 19:18:02 +02:00
|
|
|
bool allow_aio_context_change;
|
2016-03-08 16:39:49 +01:00
|
|
|
bool allow_write_beyond_eof;
|
|
|
|
|
2016-01-29 16:36:03 +01:00
|
|
|
NotifierList remove_bs_notifiers, insert_bs_notifiers;
|
2018-03-06 21:48:18 +01:00
|
|
|
QLIST_HEAD(, BlockBackendAioNotifier) aio_notifiers;
|
2017-03-16 22:23:50 +01:00
|
|
|
|
|
|
|
int quiesce_counter;
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
CoQueue queued_requests;
|
|
|
|
bool disable_request_queuing;
|
|
|
|
|
2017-08-15 15:07:39 +02:00
|
|
|
VMChangeStateEntry *vmsh;
|
2017-08-23 15:42:40 +02:00
|
|
|
bool force_allow_inactivate;
|
2018-02-16 17:50:13 +01:00
|
|
|
|
|
|
|
/* Number of in-flight aio requests. BlockDriverState also counts
|
|
|
|
* in-flight requests but aio requests can exist even when blk->root is
|
|
|
|
* NULL, so we cannot rely on its counter for that case.
|
|
|
|
* Accessed with atomic ops.
|
|
|
|
*/
|
|
|
|
unsigned int in_flight;
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
};
|
|
|
|
|
2015-02-05 19:58:23 +01:00
|
|
|
typedef struct BlockBackendAIOCB {
|
|
|
|
BlockAIOCB common;
|
2015-10-19 17:53:18 +02:00
|
|
|
BlockBackend *blk;
|
2015-02-05 19:58:23 +01:00
|
|
|
int ret;
|
|
|
|
} BlockBackendAIOCB;
|
|
|
|
|
|
|
|
static const AIOCBInfo block_backend_aiocb_info = {
|
2015-10-19 17:53:18 +02:00
|
|
|
.get_aio_context = blk_aiocb_get_aio_context,
|
2015-02-05 19:58:23 +01:00
|
|
|
.aiocb_size = sizeof(BlockBackendAIOCB),
|
|
|
|
};
|
|
|
|
|
2014-10-07 13:59:07 +02:00
|
|
|
static void drive_info_del(DriveInfo *dinfo);
|
2016-03-22 18:58:50 +01:00
|
|
|
static BlockBackend *bdrv_first_blk(BlockDriverState *bs);
|
2014-10-07 13:59:07 +02:00
|
|
|
|
2016-03-16 19:54:36 +01:00
|
|
|
/* All BlockBackends */
|
|
|
|
static QTAILQ_HEAD(, BlockBackend) block_backends =
|
|
|
|
QTAILQ_HEAD_INITIALIZER(block_backends);
|
|
|
|
|
2016-03-16 19:54:35 +01:00
|
|
|
/* All BlockBackends referenced by the monitor and which are iterated through by
|
|
|
|
* blk_next() */
|
|
|
|
static QTAILQ_HEAD(, BlockBackend) monitor_block_backends =
|
|
|
|
QTAILQ_HEAD_INITIALIZER(monitor_block_backends);
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
static void blk_root_inherit_options(int *child_flags, QDict *child_options,
|
|
|
|
int parent_flags, QDict *parent_options)
|
|
|
|
{
|
|
|
|
/* We're not supposed to call this function for root nodes */
|
|
|
|
abort();
|
|
|
|
}
|
2016-03-22 12:05:35 +01:00
|
|
|
static void blk_root_drained_begin(BdrvChild *child);
|
2018-09-06 17:43:49 +02:00
|
|
|
static bool blk_root_drained_poll(BdrvChild *child);
|
block: Do not poll in bdrv_do_drained_end()
We should never poll anywhere in bdrv_do_drained_end() (including its
recursive callees like bdrv_drain_invoke()), because it does not cope
well with graph changes. In fact, it has been written based on the
postulation that no graph changes will happen in it.
Instead, the callers that want to poll must poll, i.e. all currently
globally available wrappers: bdrv_drained_end(),
bdrv_subtree_drained_end(), bdrv_unapply_subtree_drain(), and
bdrv_drain_all_end(). Graph changes there do not matter.
They can poll simply by passing a pointer to a drained_end_counter and
wait until it reaches 0.
This patch also adds a non-polling global wrapper for
bdrv_do_drained_end() that takes a drained_end_counter pointer. We need
such a variant because now no function called anywhere from
bdrv_do_drained_end() must poll. This includes
BdrvChildRole.drained_end(), which already must not poll according to
its interface documentation, but bdrv_child_cb_drained_end() just
violates that by invoking bdrv_drained_end() (which does poll).
Therefore, BdrvChildRole.drained_end() must take a *drained_end_counter
parameter, which bdrv_child_cb_drained_end() can pass on to the new
bdrv_drained_end_no_poll() function.
Note that we now have a pattern of all drained_end-related functions
either polling or receiving a *drained_end_counter to let the caller
poll based on that.
A problem with a single poll loop is that when the drained section in
bdrv_set_aio_context_ignore() ends, some nodes in the subgraph may be in
the old contexts, while others are in the new context already. To let
the collective poll in bdrv_drained_end() work correctly, we must not
hold a lock to the old context, so that the old context can make
progress in case it is different from the current context.
(In the process, remove the comment saying that the current context is
always the old context, because it is wrong.)
In all other places, all nodes in a subtree must be in the same context,
so we can just poll that. The exception of course is
bdrv_drain_all_end(), but that always runs in the main context, so we
can just poll NULL (like bdrv_drain_all_begin() does).
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2019-07-19 11:26:14 +02:00
|
|
|
static void blk_root_drained_end(BdrvChild *child, int *drained_end_counter);
|
2016-03-08 13:47:46 +01:00
|
|
|
|
2016-02-24 15:13:35 +01:00
|
|
|
static void blk_root_change_media(BdrvChild *child, bool load);
|
|
|
|
static void blk_root_resize(BdrvChild *child);
|
|
|
|
|
2019-05-06 19:18:01 +02:00
|
|
|
static bool blk_root_can_set_aio_ctx(BdrvChild *child, AioContext *ctx,
|
|
|
|
GSList **ignore, Error **errp);
|
|
|
|
static void blk_root_set_aio_ctx(BdrvChild *child, AioContext *ctx,
|
|
|
|
GSList **ignore);
|
|
|
|
|
2017-01-17 15:56:16 +01:00
|
|
|
static char *blk_root_get_parent_desc(BdrvChild *child)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
char *dev_id;
|
|
|
|
|
|
|
|
if (blk->name) {
|
|
|
|
return g_strdup(blk->name);
|
|
|
|
}
|
|
|
|
|
|
|
|
dev_id = blk_get_attached_dev_id(blk);
|
|
|
|
if (*dev_id) {
|
|
|
|
return dev_id;
|
|
|
|
} else {
|
|
|
|
/* TODO Callback into the BB owner for something more detailed */
|
|
|
|
g_free(dev_id);
|
|
|
|
return g_strdup("a block device");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-02-26 10:22:16 +01:00
|
|
|
static const char *blk_root_get_name(BdrvChild *child)
|
|
|
|
{
|
|
|
|
return blk_name(child->opaque);
|
|
|
|
}
|
|
|
|
|
2017-08-15 15:07:39 +02:00
|
|
|
static void blk_vm_state_changed(void *opaque, int running, RunState state)
|
|
|
|
{
|
|
|
|
Error *local_err = NULL;
|
|
|
|
BlockBackend *blk = opaque;
|
|
|
|
|
|
|
|
if (state == RUN_STATE_INMIGRATE) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
qemu_del_vm_change_state_handler(blk->vmsh);
|
|
|
|
blk->vmsh = NULL;
|
|
|
|
blk_set_perm(blk, blk->perm, blk->shared_perm, &local_err);
|
|
|
|
if (local_err) {
|
|
|
|
error_report_err(local_err);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-05-04 18:52:37 +02:00
|
|
|
/*
|
|
|
|
* Notifies the user of the BlockBackend that migration has completed. qdev
|
|
|
|
* devices can tighten their permissions in response (specifically revoke
|
|
|
|
* shared write permissions that we needed for storage migration).
|
|
|
|
*
|
|
|
|
* If an error is returned, the VM cannot be allowed to be resumed.
|
|
|
|
*/
|
|
|
|
static void blk_root_activate(BdrvChild *child, Error **errp)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
Error *local_err = NULL;
|
|
|
|
|
|
|
|
if (!blk->disable_perm) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
blk->disable_perm = false;
|
|
|
|
|
2017-08-15 15:07:39 +02:00
|
|
|
blk_set_perm(blk, blk->perm, BLK_PERM_ALL, &local_err);
|
|
|
|
if (local_err) {
|
|
|
|
error_propagate(errp, local_err);
|
|
|
|
blk->disable_perm = true;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (runstate_check(RUN_STATE_INMIGRATE)) {
|
|
|
|
/* Activation can happen when migration process is still active, for
|
|
|
|
* example when nbd_server_add is called during non-shared storage
|
|
|
|
* migration. Defer the shared_perm update to migration completion. */
|
|
|
|
if (!blk->vmsh) {
|
|
|
|
blk->vmsh = qemu_add_vm_change_state_handler(blk_vm_state_changed,
|
|
|
|
blk);
|
|
|
|
}
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2017-05-04 18:52:37 +02:00
|
|
|
blk_set_perm(blk, blk->perm, blk->shared_perm, &local_err);
|
|
|
|
if (local_err) {
|
|
|
|
error_propagate(errp, local_err);
|
|
|
|
blk->disable_perm = true;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-08-23 15:42:40 +02:00
|
|
|
void blk_set_force_allow_inactivate(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
blk->force_allow_inactivate = true;
|
|
|
|
}
|
|
|
|
|
2017-08-23 15:42:39 +02:00
|
|
|
static bool blk_can_inactivate(BlockBackend *blk)
|
|
|
|
{
|
2017-08-23 15:42:40 +02:00
|
|
|
/* If it is a guest device, inactivate is ok. */
|
2017-08-23 15:42:39 +02:00
|
|
|
if (blk->dev || blk_name(blk)[0]) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2017-08-23 15:42:40 +02:00
|
|
|
/* Inactivating means no more writes to the image can be done,
|
|
|
|
* even if those writes would be changes invisible to the
|
|
|
|
* guest. For block job BBs that satisfy this, we can just allow
|
|
|
|
* it. This is the case for mirror job source, which is required
|
|
|
|
* by libvirt non-shared block migration. */
|
|
|
|
if (!(blk->perm & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED))) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return blk->force_allow_inactivate;
|
2017-08-23 15:42:39 +02:00
|
|
|
}
|
|
|
|
|
2017-05-04 18:52:38 +02:00
|
|
|
static int blk_root_inactivate(BdrvChild *child)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
|
|
|
|
if (blk->disable_perm) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-08-23 15:42:39 +02:00
|
|
|
if (!blk_can_inactivate(blk)) {
|
2017-05-04 18:52:38 +02:00
|
|
|
return -EPERM;
|
|
|
|
}
|
|
|
|
|
|
|
|
blk->disable_perm = true;
|
|
|
|
if (blk->root) {
|
|
|
|
bdrv_child_try_set_perm(blk->root, 0, BLK_PERM_ALL, &error_abort);
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2018-03-06 21:48:18 +01:00
|
|
|
static void blk_root_attach(BdrvChild *child)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
BlockBackendAioNotifier *notifier;
|
|
|
|
|
|
|
|
trace_blk_root_attach(child, blk, child->bs);
|
|
|
|
|
|
|
|
QLIST_FOREACH(notifier, &blk->aio_notifiers, list) {
|
|
|
|
bdrv_add_aio_context_notifier(child->bs,
|
|
|
|
notifier->attached_aio_context,
|
|
|
|
notifier->detach_aio_context,
|
|
|
|
notifier->opaque);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void blk_root_detach(BdrvChild *child)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
BlockBackendAioNotifier *notifier;
|
|
|
|
|
|
|
|
trace_blk_root_detach(child, blk, child->bs);
|
|
|
|
|
|
|
|
QLIST_FOREACH(notifier, &blk->aio_notifiers, list) {
|
|
|
|
bdrv_remove_aio_context_notifier(child->bs,
|
|
|
|
notifier->attached_aio_context,
|
|
|
|
notifier->detach_aio_context,
|
|
|
|
notifier->opaque);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
static const BdrvChildRole child_root = {
|
2016-03-22 12:05:35 +01:00
|
|
|
.inherit_options = blk_root_inherit_options,
|
|
|
|
|
2016-02-24 15:13:35 +01:00
|
|
|
.change_media = blk_root_change_media,
|
|
|
|
.resize = blk_root_resize,
|
2016-02-26 10:22:16 +01:00
|
|
|
.get_name = blk_root_get_name,
|
2017-01-17 15:56:16 +01:00
|
|
|
.get_parent_desc = blk_root_get_parent_desc,
|
2016-02-24 15:13:35 +01:00
|
|
|
|
2016-03-22 12:05:35 +01:00
|
|
|
.drained_begin = blk_root_drained_begin,
|
2018-09-06 17:43:49 +02:00
|
|
|
.drained_poll = blk_root_drained_poll,
|
2016-03-22 12:05:35 +01:00
|
|
|
.drained_end = blk_root_drained_end,
|
2017-05-04 18:52:37 +02:00
|
|
|
|
|
|
|
.activate = blk_root_activate,
|
2017-05-04 18:52:38 +02:00
|
|
|
.inactivate = blk_root_inactivate,
|
2018-03-06 21:48:18 +01:00
|
|
|
|
|
|
|
.attach = blk_root_attach,
|
|
|
|
.detach = blk_root_detach,
|
2019-05-06 19:18:01 +02:00
|
|
|
|
|
|
|
.can_set_aio_ctx = blk_root_can_set_aio_ctx,
|
|
|
|
.set_aio_ctx = blk_root_set_aio_ctx,
|
2016-03-08 13:47:46 +01:00
|
|
|
};
|
|
|
|
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
/*
|
2016-03-16 19:54:38 +01:00
|
|
|
* Create a new BlockBackend with a reference count of one.
|
2017-01-20 17:07:26 +01:00
|
|
|
*
|
|
|
|
* @perm is a bitmasks of BLK_PERM_* constants which describes the permissions
|
|
|
|
* to request for a block driver node that is attached to this BlockBackend.
|
|
|
|
* @shared_perm is a bitmask which describes which permissions may be granted
|
|
|
|
* to other users of the attached node.
|
|
|
|
* Both sets of permissions can be changed later using blk_set_perm().
|
|
|
|
*
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
* Return the new BlockBackend on success, null on failure.
|
|
|
|
*/
|
2019-04-25 14:25:10 +02:00
|
|
|
BlockBackend *blk_new(AioContext *ctx, uint64_t perm, uint64_t shared_perm)
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
{
|
|
|
|
BlockBackend *blk;
|
|
|
|
|
|
|
|
blk = g_new0(BlockBackend, 1);
|
|
|
|
blk->refcnt = 1;
|
2019-04-25 14:25:10 +02:00
|
|
|
blk->ctx = ctx;
|
2017-01-20 17:07:26 +01:00
|
|
|
blk->perm = perm;
|
|
|
|
blk->shared_perm = shared_perm;
|
2016-04-19 17:27:24 +02:00
|
|
|
blk_set_enable_write_cache(blk, true);
|
|
|
|
|
2018-09-28 11:11:50 +02:00
|
|
|
blk->on_read_error = BLOCKDEV_ON_ERROR_REPORT;
|
|
|
|
blk->on_write_error = BLOCKDEV_ON_ERROR_ENOSPC;
|
|
|
|
|
2017-06-05 14:39:07 +02:00
|
|
|
block_acct_init(&blk->stats);
|
2016-03-21 12:56:44 +01:00
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
qemu_co_queue_init(&blk->queued_requests);
|
2016-01-29 16:36:03 +01:00
|
|
|
notifier_list_init(&blk->remove_bs_notifiers);
|
|
|
|
notifier_list_init(&blk->insert_bs_notifiers);
|
2018-03-06 21:48:18 +01:00
|
|
|
QLIST_INIT(&blk->aio_notifiers);
|
2016-03-21 12:56:44 +01:00
|
|
|
|
2016-03-16 19:54:36 +01:00
|
|
|
QTAILQ_INSERT_TAIL(&block_backends, blk, link);
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
return blk;
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:05 +02:00
|
|
|
/*
|
2016-05-17 16:41:29 +02:00
|
|
|
* Creates a new BlockBackend, opens a new BlockDriverState, and connects both.
|
2019-04-25 14:25:10 +02:00
|
|
|
* The new BlockBackend is in the main AioContext.
|
2015-02-05 19:58:11 +01:00
|
|
|
*
|
|
|
|
* Just as with bdrv_open(), after having called this function the reference to
|
|
|
|
* @options belongs to the block layer (even on failure).
|
|
|
|
*
|
|
|
|
* TODO: Remove @filename and @flags; it should be possible to specify a whole
|
|
|
|
* BDS tree just by specifying the @options QDict (or @reference,
|
|
|
|
* alternatively). At the time of adding this function, this is not possible,
|
|
|
|
* though, so callers of this function have to be able to specify @filename and
|
|
|
|
* @flags.
|
|
|
|
*/
|
2016-03-16 19:54:38 +01:00
|
|
|
BlockBackend *blk_new_open(const char *filename, const char *reference,
|
|
|
|
QDict *options, int flags, Error **errp)
|
2015-02-05 19:58:11 +01:00
|
|
|
{
|
|
|
|
BlockBackend *blk;
|
2016-05-17 16:41:29 +02:00
|
|
|
BlockDriverState *bs;
|
2017-11-20 15:02:48 +01:00
|
|
|
uint64_t perm = 0;
|
2017-01-13 19:13:00 +01:00
|
|
|
|
|
|
|
/* blk_new_open() is mainly used in .bdrv_create implementations and the
|
|
|
|
* tools where sharing isn't a concern because the BDS stays private, so we
|
|
|
|
* just request permission according to the flags.
|
|
|
|
*
|
|
|
|
* The exceptions are xen_disk and blockdev_init(); in these cases, the
|
|
|
|
* caller of blk_new_open() doesn't make use of the permissions, but they
|
|
|
|
* shouldn't hurt either. We can still share everything here because the
|
|
|
|
* guest devices will add their own blockers if they can't share. */
|
2017-11-20 15:02:48 +01:00
|
|
|
if ((flags & BDRV_O_NO_IO) == 0) {
|
|
|
|
perm |= BLK_PERM_CONSISTENT_READ;
|
|
|
|
if (flags & BDRV_O_RDWR) {
|
|
|
|
perm |= BLK_PERM_WRITE;
|
|
|
|
}
|
2017-01-13 19:13:00 +01:00
|
|
|
}
|
|
|
|
if (flags & BDRV_O_RESIZE) {
|
|
|
|
perm |= BLK_PERM_RESIZE;
|
|
|
|
}
|
2015-02-05 19:58:11 +01:00
|
|
|
|
2019-04-25 14:25:10 +02:00
|
|
|
blk = blk_new(qemu_get_aio_context(), perm, BLK_PERM_ALL);
|
2016-05-17 16:41:31 +02:00
|
|
|
bs = bdrv_open(filename, reference, options, flags, errp);
|
|
|
|
if (!bs) {
|
2015-02-05 19:58:11 +01:00
|
|
|
blk_unref(blk);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2019-04-24 17:41:46 +02:00
|
|
|
blk->root = bdrv_root_attach_child(bs, "root", &child_root, blk->ctx,
|
2017-03-07 12:07:21 +01:00
|
|
|
perm, BLK_PERM_ALL, blk, errp);
|
|
|
|
if (!blk->root) {
|
|
|
|
blk_unref(blk);
|
|
|
|
return NULL;
|
|
|
|
}
|
2016-03-15 14:34:37 +01:00
|
|
|
|
2015-02-05 19:58:11 +01:00
|
|
|
return blk;
|
|
|
|
}
|
|
|
|
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
static void blk_delete(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
assert(!blk->refcnt);
|
2016-03-16 19:54:37 +01:00
|
|
|
assert(!blk->name);
|
2014-10-07 13:59:25 +02:00
|
|
|
assert(!blk->dev);
|
2017-08-25 15:20:23 +02:00
|
|
|
if (blk->public.throttle_group_member.throttle_state) {
|
throttle: Remove block from group on hot-unplug
When a block device that is part of a throttle group is hot-unplugged,
we forgot to remove it from the throttle group. This leaves stale
memory around, and causes an easily reproducible crash:
$ ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -nographic -qmp stdio \
-device virtio-scsi-pci,bus=pci.0 -drive \
id=drive_image2,if=none,format=raw,file=file2,bps=512000,iops=100,group=foo \
-device scsi-hd,id=image2,drive=drive_image2 -drive \
id=drive_image3,if=none,format=raw,file=file3,bps=512000,iops=100,group=foo \
-device scsi-hd,id=image3,drive=drive_image3
{'execute':'qmp_capabilities'}
{'execute':'device_del','arguments':{'id':'image3'}}
{'execute':'system_reset'}
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1428810
Suggested-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-id: 20170406190847.29347-1-eblake@redhat.com
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-04-06 21:08:47 +02:00
|
|
|
blk_io_limits_disable(blk);
|
|
|
|
}
|
2016-03-08 13:47:46 +01:00
|
|
|
if (blk->root) {
|
2016-01-29 16:36:08 +01:00
|
|
|
blk_remove_bs(blk);
|
2014-10-07 13:59:05 +02:00
|
|
|
}
|
2017-08-15 15:07:39 +02:00
|
|
|
if (blk->vmsh) {
|
|
|
|
qemu_del_vm_change_state_handler(blk->vmsh);
|
|
|
|
blk->vmsh = NULL;
|
|
|
|
}
|
2016-01-29 16:36:03 +01:00
|
|
|
assert(QLIST_EMPTY(&blk->remove_bs_notifiers.notifiers));
|
|
|
|
assert(QLIST_EMPTY(&blk->insert_bs_notifiers.notifiers));
|
2018-03-06 21:48:18 +01:00
|
|
|
assert(QLIST_EMPTY(&blk->aio_notifiers));
|
2016-03-16 19:54:36 +01:00
|
|
|
QTAILQ_REMOVE(&block_backends, blk, link);
|
2014-10-07 13:59:06 +02:00
|
|
|
drive_info_del(blk->legacy_dinfo);
|
2015-10-28 16:33:05 +01:00
|
|
|
block_acct_cleanup(&blk->stats);
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
g_free(blk);
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:07 +02:00
|
|
|
static void drive_info_del(DriveInfo *dinfo)
|
|
|
|
{
|
|
|
|
if (!dinfo) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
qemu_opts_del(dinfo->opts);
|
|
|
|
g_free(dinfo);
|
|
|
|
}
|
|
|
|
|
2015-11-02 15:51:54 +01:00
|
|
|
int blk_get_refcnt(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return blk ? blk->refcnt : 0;
|
|
|
|
}
|
|
|
|
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
/*
|
|
|
|
* Increment @blk's reference count.
|
|
|
|
* @blk must not be null.
|
|
|
|
*/
|
|
|
|
void blk_ref(BlockBackend *blk)
|
|
|
|
{
|
2018-09-07 13:45:54 +02:00
|
|
|
assert(blk->refcnt > 0);
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
blk->refcnt++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Decrement @blk's reference count.
|
|
|
|
* If this drops it to zero, destroy @blk.
|
|
|
|
* For convenience, do nothing if @blk is null.
|
|
|
|
*/
|
|
|
|
void blk_unref(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
if (blk) {
|
|
|
|
assert(blk->refcnt > 0);
|
2018-09-07 13:45:54 +02:00
|
|
|
if (blk->refcnt > 1) {
|
|
|
|
blk->refcnt--;
|
|
|
|
} else {
|
|
|
|
blk_drain(blk);
|
|
|
|
/* blk_drain() cannot resurrect blk, nobody held a reference */
|
|
|
|
assert(blk->refcnt == 1);
|
|
|
|
blk->refcnt = 0;
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
blk_delete(blk);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-03-16 19:54:36 +01:00
|
|
|
/*
|
|
|
|
* Behaves similarly to blk_next() but iterates over all BlockBackends, even the
|
|
|
|
* ones which are hidden (i.e. are not referenced by the monitor).
|
|
|
|
*/
|
2017-07-11 14:06:04 +02:00
|
|
|
BlockBackend *blk_all_next(BlockBackend *blk)
|
2016-03-16 19:54:36 +01:00
|
|
|
{
|
|
|
|
return blk ? QTAILQ_NEXT(blk, link)
|
|
|
|
: QTAILQ_FIRST(&block_backends);
|
|
|
|
}
|
|
|
|
|
2016-01-29 16:36:13 +01:00
|
|
|
void blk_remove_all_bs(void)
|
|
|
|
{
|
2016-03-16 19:54:30 +01:00
|
|
|
BlockBackend *blk = NULL;
|
2016-01-29 16:36:13 +01:00
|
|
|
|
2016-03-16 19:54:36 +01:00
|
|
|
while ((blk = blk_all_next(blk)) != NULL) {
|
2016-01-29 16:36:13 +01:00
|
|
|
AioContext *ctx = blk_get_aio_context(blk);
|
|
|
|
|
|
|
|
aio_context_acquire(ctx);
|
2016-03-08 13:47:46 +01:00
|
|
|
if (blk->root) {
|
2016-01-29 16:36:13 +01:00
|
|
|
blk_remove_bs(blk);
|
|
|
|
}
|
|
|
|
aio_context_release(ctx);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
/*
|
2016-03-16 19:54:35 +01:00
|
|
|
* Return the monitor-owned BlockBackend after @blk.
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
* If @blk is null, return the first one.
|
|
|
|
* Else, return @blk's next sibling, which may be null.
|
|
|
|
*
|
|
|
|
* To iterate over all BlockBackends, do
|
|
|
|
* for (blk = blk_next(NULL); blk; blk = blk_next(blk)) {
|
|
|
|
* ...
|
|
|
|
* }
|
|
|
|
*/
|
|
|
|
BlockBackend *blk_next(BlockBackend *blk)
|
|
|
|
{
|
2016-03-16 19:54:35 +01:00
|
|
|
return blk ? QTAILQ_NEXT(blk, monitor_link)
|
|
|
|
: QTAILQ_FIRST(&monitor_block_backends);
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
}
|
|
|
|
|
2016-03-22 18:58:50 +01:00
|
|
|
/* Iterates over all top-level BlockDriverStates, i.e. BDSs that are owned by
|
|
|
|
* the monitor or attached to a BlockBackend */
|
2016-05-20 18:49:07 +02:00
|
|
|
BlockDriverState *bdrv_next(BdrvNextIterator *it)
|
2016-03-22 18:58:50 +01:00
|
|
|
{
|
2017-11-10 18:25:45 +01:00
|
|
|
BlockDriverState *bs, *old_bs;
|
|
|
|
|
|
|
|
/* Must be called from the main loop */
|
|
|
|
assert(qemu_get_current_aio_context() == qemu_get_aio_context());
|
2016-03-16 19:54:42 +01:00
|
|
|
|
2016-03-22 18:58:50 +01:00
|
|
|
/* First, return all root nodes of BlockBackends. In order to avoid
|
|
|
|
* returning a BDS twice when multiple BBs refer to it, we only return it
|
|
|
|
* if the BB is the first one in the parent list of the BDS. */
|
|
|
|
if (it->phase == BDRV_NEXT_BACKEND_ROOTS) {
|
2017-11-10 18:25:45 +01:00
|
|
|
BlockBackend *old_blk = it->blk;
|
|
|
|
|
|
|
|
old_bs = old_blk ? blk_bs(old_blk) : NULL;
|
|
|
|
|
2016-03-22 18:58:50 +01:00
|
|
|
do {
|
|
|
|
it->blk = blk_all_next(it->blk);
|
2016-05-20 18:49:07 +02:00
|
|
|
bs = it->blk ? blk_bs(it->blk) : NULL;
|
|
|
|
} while (it->blk && (bs == NULL || bdrv_first_blk(bs) != it->blk));
|
2016-03-22 18:58:50 +01:00
|
|
|
|
2017-11-10 18:25:45 +01:00
|
|
|
if (it->blk) {
|
|
|
|
blk_ref(it->blk);
|
|
|
|
}
|
|
|
|
blk_unref(old_blk);
|
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
if (bs) {
|
2017-11-10 18:25:45 +01:00
|
|
|
bdrv_ref(bs);
|
|
|
|
bdrv_unref(old_bs);
|
2016-05-20 18:49:07 +02:00
|
|
|
return bs;
|
2016-03-22 18:58:50 +01:00
|
|
|
}
|
|
|
|
it->phase = BDRV_NEXT_MONITOR_OWNED;
|
2017-11-10 18:25:45 +01:00
|
|
|
} else {
|
|
|
|
old_bs = it->bs;
|
2016-03-22 18:58:50 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Then return the monitor-owned BDSes without a BB attached. Ignore all
|
|
|
|
* BDSes that are attached to a BlockBackend here; they have been handled
|
|
|
|
* by the above block already */
|
2016-03-16 19:54:42 +01:00
|
|
|
do {
|
2016-03-22 18:58:50 +01:00
|
|
|
it->bs = bdrv_next_monitor_owned(it->bs);
|
2016-05-20 18:49:07 +02:00
|
|
|
bs = it->bs;
|
|
|
|
} while (bs && bdrv_has_blk(bs));
|
|
|
|
|
2017-11-10 18:25:45 +01:00
|
|
|
if (bs) {
|
|
|
|
bdrv_ref(bs);
|
|
|
|
}
|
|
|
|
bdrv_unref(old_bs);
|
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
return bs;
|
|
|
|
}
|
|
|
|
|
2017-11-10 18:25:45 +01:00
|
|
|
static void bdrv_next_reset(BdrvNextIterator *it)
|
2016-05-20 18:49:07 +02:00
|
|
|
{
|
|
|
|
*it = (BdrvNextIterator) {
|
|
|
|
.phase = BDRV_NEXT_BACKEND_ROOTS,
|
|
|
|
};
|
2017-11-10 18:25:45 +01:00
|
|
|
}
|
2016-03-16 19:54:42 +01:00
|
|
|
|
2017-11-10 18:25:45 +01:00
|
|
|
BlockDriverState *bdrv_first(BdrvNextIterator *it)
|
|
|
|
{
|
|
|
|
bdrv_next_reset(it);
|
2016-05-20 18:49:07 +02:00
|
|
|
return bdrv_next(it);
|
2016-03-16 19:54:42 +01:00
|
|
|
}
|
|
|
|
|
2017-11-10 18:25:45 +01:00
|
|
|
/* Must be called when aborting a bdrv_next() iteration before
|
|
|
|
* bdrv_next() returns NULL */
|
|
|
|
void bdrv_next_cleanup(BdrvNextIterator *it)
|
|
|
|
{
|
|
|
|
/* Must be called from the main loop */
|
|
|
|
assert(qemu_get_current_aio_context() == qemu_get_aio_context());
|
|
|
|
|
|
|
|
if (it->phase == BDRV_NEXT_BACKEND_ROOTS) {
|
|
|
|
if (it->blk) {
|
|
|
|
bdrv_unref(blk_bs(it->blk));
|
|
|
|
blk_unref(it->blk);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
bdrv_unref(it->bs);
|
|
|
|
}
|
|
|
|
|
|
|
|
bdrv_next_reset(it);
|
|
|
|
}
|
|
|
|
|
2016-03-16 19:54:37 +01:00
|
|
|
/*
|
|
|
|
* Add a BlockBackend into the list of backends referenced by the monitor, with
|
|
|
|
* the given @name acting as the handle for the monitor.
|
|
|
|
* Strictly for use by blockdev.c.
|
|
|
|
*
|
|
|
|
* @name must not be null or empty.
|
|
|
|
*
|
|
|
|
* Returns true on success and false on failure. In the latter case, an Error
|
|
|
|
* object is returned through @errp.
|
|
|
|
*/
|
|
|
|
bool monitor_add_blk(BlockBackend *blk, const char *name, Error **errp)
|
|
|
|
{
|
|
|
|
assert(!blk->name);
|
|
|
|
assert(name && name[0]);
|
|
|
|
|
|
|
|
if (!id_wellformed(name)) {
|
|
|
|
error_setg(errp, "Invalid device name");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
if (blk_by_name(name)) {
|
|
|
|
error_setg(errp, "Device with id '%s' already exists", name);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
if (bdrv_find_node(name)) {
|
|
|
|
error_setg(errp,
|
|
|
|
"Device name '%s' conflicts with an existing node name",
|
|
|
|
name);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
blk->name = g_strdup(name);
|
|
|
|
QTAILQ_INSERT_TAIL(&monitor_block_backends, blk, monitor_link);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Remove a BlockBackend from the list of backends referenced by the monitor.
|
|
|
|
* Strictly for use by blockdev.c.
|
|
|
|
*/
|
|
|
|
void monitor_remove_blk(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
if (!blk->name) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
QTAILQ_REMOVE(&monitor_block_backends, blk, monitor_link);
|
|
|
|
g_free(blk->name);
|
|
|
|
blk->name = NULL;
|
|
|
|
}
|
|
|
|
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
/*
|
2014-10-07 13:59:05 +02:00
|
|
|
* Return @blk's name, a non-null string.
|
2016-03-16 19:54:37 +01:00
|
|
|
* Returns an empty string iff @blk is not referenced by the monitor.
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
*/
|
2017-03-05 22:44:35 +01:00
|
|
|
const char *blk_name(const BlockBackend *blk)
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
{
|
2016-03-16 19:54:37 +01:00
|
|
|
return blk->name ?: "";
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Return the BlockBackend with name @name if it exists, else null.
|
|
|
|
* @name must not be null.
|
|
|
|
*/
|
|
|
|
BlockBackend *blk_by_name(const char *name)
|
|
|
|
{
|
2016-03-16 19:54:30 +01:00
|
|
|
BlockBackend *blk = NULL;
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
|
|
|
|
assert(name);
|
2016-03-16 19:54:30 +01:00
|
|
|
while ((blk = blk_next(blk)) != NULL) {
|
block: New BlockBackend
A block device consists of a frontend device model and a backend.
A block backend has a tree of block drivers doing the actual work.
The tree is managed by the block layer.
We currently use a single abstraction BlockDriverState both for tree
nodes and the backend as a whole. Drawbacks:
* Its API includes both stuff that makes sense only at the block
backend level (root of the tree) and stuff that's only for use
within the block layer. This makes the API bigger and more complex
than necessary. Moreover, it's not obvious which interfaces are
meant for device models, and which really aren't.
* Since device models keep a reference to their backend, the backend
object can't just be destroyed. But for media change, we need to
replace the tree. Our solution is to make the BlockDriverState
generic, with actual driver state in a separate object, pointed to
by member opaque. That lets us replace the tree by deinitializing
and reinitializing its root. This special need of the root makes
the data structure awkward everywhere in the tree.
The general plan is to separate the APIs into "block backend", for use
by device models, monitor and whatever other code dealing with block
backends, and "block driver", for use by the block layer and whatever
other code (if any) dealing with trees and tree nodes.
Code dealing with block backends, device models in particular, should
become completely oblivious of BlockDriverState. This should let us
clean up both APIs, and the tree data structures.
This commit is a first step. It creates a minimal "block backend"
API: type BlockBackend and functions to create, destroy and find them.
BlockBackend objects are created and destroyed exactly when root
BlockDriverState objects are created and destroyed. "Root" in the
sense of "in bdrv_states". They're not yet used for anything; that'll
come shortly.
A root BlockDriverState is created with bdrv_new_root(), so where to
create a BlockBackend is obvious. Where these roots get destroyed
isn't always as obvious.
It is obvious in qemu-img.c, qemu-io.c and qemu-nbd.c, and in error
paths of blockdev_init(), blk_connect(). That leaves destruction of
objects successfully created by blockdev_init() and blk_connect().
blockdev_init() is used only by drive_new() and qmp_blockdev_add().
Objects created by the latter are currently indestructible (see commit
48f364d "blockdev: Refuse to drive_del something added with
blockdev-add" and commit 2d246f0 "blockdev: Introduce
DriveInfo.enable_auto_del"). Objects created by the former get
destroyed by drive_del().
Objects created by blk_connect() get destroyed by blk_disconnect().
BlockBackend is reference-counted. Its reference count never exceeds
one so far, but that's going to change.
In drive_del(), the BB's reference count is surely one now. The BDS's
reference count is greater than one when something else is holding a
reference, such as a block job. In this case, the BB is destroyed
right away, but the BDS lives on until all extra references get
dropped.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-10-07 13:59:04 +02:00
|
|
|
if (!strcmp(name, blk->name)) {
|
|
|
|
return blk;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
2014-10-07 13:59:05 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Return the BlockDriverState attached to @blk if any, else null.
|
|
|
|
*/
|
|
|
|
BlockDriverState *blk_bs(BlockBackend *blk)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
return blk->root ? blk->root->bs : NULL;
|
2014-10-07 13:59:05 +02:00
|
|
|
}
|
|
|
|
|
2016-03-22 18:58:50 +01:00
|
|
|
static BlockBackend *bdrv_first_blk(BlockDriverState *bs)
|
2016-02-29 10:50:38 +01:00
|
|
|
{
|
|
|
|
BdrvChild *child;
|
|
|
|
QLIST_FOREACH(child, &bs->parents, next_parent) {
|
|
|
|
if (child->role == &child_root) {
|
2016-03-22 18:58:50 +01:00
|
|
|
return child->opaque;
|
2016-02-29 10:50:38 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-03-22 18:58:50 +01:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Returns true if @bs has an associated BlockBackend.
|
|
|
|
*/
|
|
|
|
bool bdrv_has_blk(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
return bdrv_first_blk(bs) != NULL;
|
2016-02-29 10:50:38 +01:00
|
|
|
}
|
|
|
|
|
2016-06-23 14:20:24 +02:00
|
|
|
/*
|
|
|
|
* Returns true if @bs has only BlockBackends as parents.
|
|
|
|
*/
|
|
|
|
bool bdrv_is_root_node(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
BdrvChild *c;
|
|
|
|
|
|
|
|
QLIST_FOREACH(c, &bs->parents, next_parent) {
|
|
|
|
if (c->role != &child_root) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:06 +02:00
|
|
|
/*
|
|
|
|
* Return @blk's DriveInfo if any, else null.
|
|
|
|
*/
|
|
|
|
DriveInfo *blk_legacy_dinfo(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return blk->legacy_dinfo;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Set @blk's DriveInfo to @dinfo, and return it.
|
|
|
|
* @blk must not have a DriveInfo set already.
|
|
|
|
* No other BlockBackend may have the same DriveInfo set.
|
|
|
|
*/
|
|
|
|
DriveInfo *blk_set_legacy_dinfo(BlockBackend *blk, DriveInfo *dinfo)
|
|
|
|
{
|
|
|
|
assert(!blk->legacy_dinfo);
|
|
|
|
return blk->legacy_dinfo = dinfo;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Return the BlockBackend with DriveInfo @dinfo.
|
|
|
|
* It must exist.
|
|
|
|
*/
|
|
|
|
BlockBackend *blk_by_legacy_dinfo(DriveInfo *dinfo)
|
|
|
|
{
|
2016-03-16 19:54:30 +01:00
|
|
|
BlockBackend *blk = NULL;
|
2014-10-07 13:59:06 +02:00
|
|
|
|
2016-03-16 19:54:30 +01:00
|
|
|
while ((blk = blk_next(blk)) != NULL) {
|
2014-10-07 13:59:06 +02:00
|
|
|
if (blk->legacy_dinfo == dinfo) {
|
|
|
|
return blk;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
|
2016-03-21 11:27:04 +01:00
|
|
|
/*
|
|
|
|
* Returns a pointer to the publicly accessible fields of @blk.
|
|
|
|
*/
|
|
|
|
BlockBackendPublic *blk_get_public(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return &blk->public;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Returns a BlockBackend given the associated @public fields.
|
|
|
|
*/
|
|
|
|
BlockBackend *blk_by_public(BlockBackendPublic *public)
|
|
|
|
{
|
|
|
|
return container_of(public, BlockBackend, public);
|
|
|
|
}
|
|
|
|
|
2015-10-26 21:39:05 +01:00
|
|
|
/*
|
|
|
|
* Disassociates the currently associated BlockDriverState from @blk.
|
|
|
|
*/
|
|
|
|
void blk_remove_bs(BlockBackend *blk)
|
|
|
|
{
|
2017-11-10 19:54:47 +01:00
|
|
|
ThrottleGroupMember *tgm = &blk->public.throttle_group_member;
|
2017-10-21 07:34:00 +02:00
|
|
|
BlockDriverState *bs;
|
2017-08-25 15:20:23 +02:00
|
|
|
|
2016-01-29 16:36:03 +01:00
|
|
|
notifier_list_notify(&blk->remove_bs_notifiers, blk);
|
2017-11-10 19:54:47 +01:00
|
|
|
if (tgm->throttle_state) {
|
2017-10-21 07:34:00 +02:00
|
|
|
bs = blk_bs(blk);
|
|
|
|
bdrv_drained_begin(bs);
|
2017-11-10 19:54:47 +01:00
|
|
|
throttle_group_detach_aio_context(tgm);
|
|
|
|
throttle_group_attach_aio_context(tgm, qemu_get_aio_context());
|
2017-10-21 07:34:00 +02:00
|
|
|
bdrv_drained_end(bs);
|
2016-03-21 10:49:51 +01:00
|
|
|
}
|
2015-10-26 21:39:05 +01:00
|
|
|
|
2016-03-22 13:00:08 +01:00
|
|
|
blk_update_root_state(blk);
|
|
|
|
|
2018-05-28 14:03:59 +02:00
|
|
|
/* bdrv_root_unref_child() will cause blk->root to become stale and may
|
|
|
|
* switch to a completion coroutine later on. Let's drain all I/O here
|
|
|
|
* to avoid that and a potential QEMU crash.
|
|
|
|
*/
|
|
|
|
blk_drain(blk);
|
2016-03-08 13:47:46 +01:00
|
|
|
bdrv_root_unref_child(blk->root);
|
|
|
|
blk->root = NULL;
|
2015-10-26 21:39:05 +01:00
|
|
|
}
|
|
|
|
|
2015-10-19 17:53:28 +02:00
|
|
|
/*
|
|
|
|
* Associates a new BlockDriverState with @blk.
|
|
|
|
*/
|
2017-01-13 19:02:32 +01:00
|
|
|
int blk_insert_bs(BlockBackend *blk, BlockDriverState *bs, Error **errp)
|
2015-10-19 17:53:28 +02:00
|
|
|
{
|
2017-11-10 19:54:47 +01:00
|
|
|
ThrottleGroupMember *tgm = &blk->public.throttle_group_member;
|
2019-05-13 15:46:18 +02:00
|
|
|
bdrv_ref(bs);
|
2019-04-24 17:41:46 +02:00
|
|
|
blk->root = bdrv_root_attach_child(bs, "root", &child_root, blk->ctx,
|
2017-01-13 19:02:32 +01:00
|
|
|
blk->perm, blk->shared_perm, blk, errp);
|
|
|
|
if (blk->root == NULL) {
|
|
|
|
return -EPERM;
|
|
|
|
}
|
2016-01-29 16:36:03 +01:00
|
|
|
|
|
|
|
notifier_list_notify(&blk->insert_bs_notifiers, blk);
|
2017-11-10 19:54:47 +01:00
|
|
|
if (tgm->throttle_state) {
|
|
|
|
throttle_group_detach_aio_context(tgm);
|
|
|
|
throttle_group_attach_aio_context(tgm, bdrv_get_aio_context(bs));
|
2016-03-22 13:00:08 +01:00
|
|
|
}
|
2017-01-13 19:02:32 +01:00
|
|
|
|
|
|
|
return 0;
|
2015-10-19 17:53:28 +02:00
|
|
|
}
|
|
|
|
|
2017-01-20 15:42:39 +01:00
|
|
|
/*
|
|
|
|
* Sets the permission bitmasks that the user of the BlockBackend needs.
|
|
|
|
*/
|
|
|
|
int blk_set_perm(BlockBackend *blk, uint64_t perm, uint64_t shared_perm,
|
|
|
|
Error **errp)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
2017-04-04 17:29:03 +02:00
|
|
|
if (blk->root && !blk->disable_perm) {
|
2017-01-20 15:42:39 +01:00
|
|
|
ret = bdrv_child_try_set_perm(blk->root, perm, shared_perm, errp);
|
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
blk->perm = perm;
|
|
|
|
blk->shared_perm = shared_perm;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-02-10 16:24:56 +01:00
|
|
|
void blk_get_perm(BlockBackend *blk, uint64_t *perm, uint64_t *shared_perm)
|
|
|
|
{
|
|
|
|
*perm = blk->perm;
|
|
|
|
*shared_perm = blk->shared_perm;
|
|
|
|
}
|
|
|
|
|
2019-01-23 09:56:01 +01:00
|
|
|
/*
|
|
|
|
* Attach device model @dev to @blk.
|
|
|
|
* Return 0 on success, -EBUSY when a device model is attached already.
|
|
|
|
*/
|
|
|
|
int blk_attach_dev(BlockBackend *blk, DeviceState *dev)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2014-10-07 13:59:25 +02:00
|
|
|
if (blk->dev) {
|
|
|
|
return -EBUSY;
|
|
|
|
}
|
2017-04-04 17:29:03 +02:00
|
|
|
|
|
|
|
/* While migration is still incoming, we don't need to apply the
|
|
|
|
* permissions of guest device BlockBackends. We might still have a block
|
|
|
|
* job or NBD server writing to the image for storage migration. */
|
|
|
|
if (runstate_check(RUN_STATE_INMIGRATE)) {
|
|
|
|
blk->disable_perm = true;
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:26 +02:00
|
|
|
blk_ref(blk);
|
2014-10-07 13:59:25 +02:00
|
|
|
blk->dev = dev;
|
2015-10-19 17:53:22 +02:00
|
|
|
blk_iostatus_reset(blk);
|
2017-04-04 17:29:03 +02:00
|
|
|
|
2014-10-07 13:59:25 +02:00
|
|
|
return 0;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:25 +02:00
|
|
|
/*
|
|
|
|
* Detach device model @dev from @blk.
|
|
|
|
* @dev must be currently attached to @blk.
|
|
|
|
*/
|
2019-01-23 09:56:01 +01:00
|
|
|
void blk_detach_dev(BlockBackend *blk, DeviceState *dev)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2014-10-07 13:59:25 +02:00
|
|
|
assert(blk->dev == dev);
|
|
|
|
blk->dev = NULL;
|
|
|
|
blk->dev_ops = NULL;
|
|
|
|
blk->dev_opaque = NULL;
|
2015-10-19 17:53:19 +02:00
|
|
|
blk->guest_block_size = 512;
|
2017-01-20 15:42:39 +01:00
|
|
|
blk_set_perm(blk, 0, BLK_PERM_ALL, &error_abort);
|
2014-10-07 13:59:26 +02:00
|
|
|
blk_unref(blk);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:25 +02:00
|
|
|
/*
|
|
|
|
* Return the device model attached to @blk if any, else null.
|
|
|
|
*/
|
2019-01-23 09:56:01 +01:00
|
|
|
DeviceState *blk_get_attached_dev(BlockBackend *blk)
|
2014-10-07 13:59:25 +02:00
|
|
|
{
|
|
|
|
return blk->dev;
|
|
|
|
}
|
|
|
|
|
2016-09-29 18:30:53 +02:00
|
|
|
/* Return the qdev ID, or if no ID is assigned the QOM path, of the block
|
|
|
|
* device attached to the BlockBackend. */
|
2017-07-11 13:26:59 +02:00
|
|
|
char *blk_get_attached_dev_id(BlockBackend *blk)
|
2016-09-29 18:30:53 +02:00
|
|
|
{
|
2019-01-23 09:56:01 +01:00
|
|
|
DeviceState *dev = blk->dev;
|
2016-09-29 18:30:53 +02:00
|
|
|
|
|
|
|
if (!dev) {
|
|
|
|
return g_strdup("");
|
|
|
|
} else if (dev->id) {
|
|
|
|
return g_strdup(dev->id);
|
|
|
|
}
|
2018-11-05 22:38:36 +01:00
|
|
|
|
|
|
|
return object_get_canonical_path(OBJECT(dev)) ?: g_strdup("");
|
2016-09-29 18:30:53 +02:00
|
|
|
}
|
|
|
|
|
2016-09-20 13:38:40 +02:00
|
|
|
/*
|
|
|
|
* Return the BlockBackend which has the device model @dev attached if it
|
|
|
|
* exists, else null.
|
|
|
|
*
|
|
|
|
* @dev must not be null.
|
|
|
|
*/
|
|
|
|
BlockBackend *blk_by_dev(void *dev)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = NULL;
|
|
|
|
|
|
|
|
assert(dev != NULL);
|
|
|
|
while ((blk = blk_all_next(blk)) != NULL) {
|
|
|
|
if (blk->dev == dev) {
|
|
|
|
return blk;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:25 +02:00
|
|
|
/*
|
|
|
|
* Set @blk's device model callbacks to @ops.
|
|
|
|
* @opaque is the opaque argument to pass to the callbacks.
|
|
|
|
* This is for use by device models.
|
|
|
|
*/
|
|
|
|
void blk_set_dev_ops(BlockBackend *blk, const BlockDevOps *ops,
|
|
|
|
void *opaque)
|
|
|
|
{
|
|
|
|
blk->dev_ops = ops;
|
|
|
|
blk->dev_opaque = opaque;
|
2017-03-16 22:23:50 +01:00
|
|
|
|
|
|
|
/* Are we currently quiesced? Should we enforce this right now? */
|
|
|
|
if (blk->quiesce_counter && ops->drained_begin) {
|
|
|
|
ops->drained_begin(opaque);
|
|
|
|
}
|
2014-10-07 13:59:25 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Notify @blk's attached device model of media change.
|
2017-01-24 14:21:41 +01:00
|
|
|
*
|
|
|
|
* If @load is true, notify of media load. This action can fail, meaning that
|
|
|
|
* the medium cannot be loaded. @errp is set then.
|
|
|
|
*
|
|
|
|
* If @load is false, notify of media eject. This can never fail.
|
|
|
|
*
|
2014-10-07 13:59:25 +02:00
|
|
|
* Also send DEVICE_TRAY_MOVED events as appropriate.
|
|
|
|
*/
|
2017-01-24 14:21:41 +01:00
|
|
|
void blk_dev_change_media_cb(BlockBackend *blk, bool load, Error **errp)
|
2014-10-07 13:59:25 +02:00
|
|
|
{
|
|
|
|
if (blk->dev_ops && blk->dev_ops->change_media_cb) {
|
2015-10-26 21:39:14 +01:00
|
|
|
bool tray_was_open, tray_is_open;
|
2017-01-24 14:21:41 +01:00
|
|
|
Error *local_err = NULL;
|
2014-10-07 13:59:25 +02:00
|
|
|
|
2015-10-26 21:39:14 +01:00
|
|
|
tray_was_open = blk_dev_is_tray_open(blk);
|
2017-01-24 14:21:41 +01:00
|
|
|
blk->dev_ops->change_media_cb(blk->dev_opaque, load, &local_err);
|
|
|
|
if (local_err) {
|
|
|
|
assert(load == true);
|
|
|
|
error_propagate(errp, local_err);
|
|
|
|
return;
|
|
|
|
}
|
2015-10-26 21:39:14 +01:00
|
|
|
tray_is_open = blk_dev_is_tray_open(blk);
|
|
|
|
|
|
|
|
if (tray_was_open != tray_is_open) {
|
2016-09-29 18:30:53 +02:00
|
|
|
char *id = blk_get_attached_dev_id(blk);
|
2018-08-15 15:37:37 +02:00
|
|
|
qapi_event_send_device_tray_moved(blk_name(blk), id, tray_is_open);
|
2016-09-29 18:30:53 +02:00
|
|
|
g_free(id);
|
2014-10-07 13:59:25 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-02-24 15:13:35 +01:00
|
|
|
static void blk_root_change_media(BdrvChild *child, bool load)
|
|
|
|
{
|
2017-01-24 14:21:41 +01:00
|
|
|
blk_dev_change_media_cb(child->opaque, load, NULL);
|
2016-02-24 15:13:35 +01:00
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:25 +02:00
|
|
|
/*
|
|
|
|
* Does @blk's attached device model have removable media?
|
|
|
|
* %true if no device model is attached.
|
|
|
|
*/
|
|
|
|
bool blk_dev_has_removable_media(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return !blk->dev || (blk->dev_ops && blk->dev_ops->change_media_cb);
|
|
|
|
}
|
|
|
|
|
2016-01-29 20:49:10 +01:00
|
|
|
/*
|
|
|
|
* Does @blk's attached device model have a tray?
|
|
|
|
*/
|
|
|
|
bool blk_dev_has_tray(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return blk->dev_ops && blk->dev_ops->is_tray_open;
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:25 +02:00
|
|
|
/*
|
|
|
|
* Notify @blk's attached device model of a media eject request.
|
|
|
|
* If @force is true, the medium is about to be yanked out forcefully.
|
|
|
|
*/
|
|
|
|
void blk_dev_eject_request(BlockBackend *blk, bool force)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2014-10-07 13:59:25 +02:00
|
|
|
if (blk->dev_ops && blk->dev_ops->eject_request_cb) {
|
|
|
|
blk->dev_ops->eject_request_cb(blk->dev_opaque, force);
|
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:25 +02:00
|
|
|
/*
|
|
|
|
* Does @blk's attached device model have a tray, and is it open?
|
|
|
|
*/
|
|
|
|
bool blk_dev_is_tray_open(BlockBackend *blk)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-01-29 20:49:10 +01:00
|
|
|
if (blk_dev_has_tray(blk)) {
|
2014-10-07 13:59:25 +02:00
|
|
|
return blk->dev_ops->is_tray_open(blk->dev_opaque);
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Does @blk's attached device model have the medium locked?
|
|
|
|
* %false if the device model has no such lock.
|
|
|
|
*/
|
|
|
|
bool blk_dev_is_medium_locked(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
if (blk->dev_ops && blk->dev_ops->is_medium_locked) {
|
|
|
|
return blk->dev_ops->is_medium_locked(blk->dev_opaque);
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Notify @blk's attached device model of a backend size change.
|
|
|
|
*/
|
2016-02-24 15:13:35 +01:00
|
|
|
static void blk_root_resize(BdrvChild *child)
|
2014-10-07 13:59:25 +02:00
|
|
|
{
|
2016-02-24 15:13:35 +01:00
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
|
2014-10-07 13:59:25 +02:00
|
|
|
if (blk->dev_ops && blk->dev_ops->resize_cb) {
|
|
|
|
blk->dev_ops->resize_cb(blk->dev_opaque);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void blk_iostatus_enable(BlockBackend *blk)
|
|
|
|
{
|
2015-10-19 17:53:22 +02:00
|
|
|
blk->iostatus_enabled = true;
|
|
|
|
blk->iostatus = BLOCK_DEVICE_IO_STATUS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* The I/O status is only enabled if the drive explicitly
|
|
|
|
* enables it _and_ the VM is configured to stop on errors */
|
|
|
|
bool blk_iostatus_is_enabled(const BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return (blk->iostatus_enabled &&
|
|
|
|
(blk->on_write_error == BLOCKDEV_ON_ERROR_ENOSPC ||
|
|
|
|
blk->on_write_error == BLOCKDEV_ON_ERROR_STOP ||
|
|
|
|
blk->on_read_error == BLOCKDEV_ON_ERROR_STOP));
|
|
|
|
}
|
|
|
|
|
|
|
|
BlockDeviceIoStatus blk_iostatus(const BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return blk->iostatus;
|
|
|
|
}
|
|
|
|
|
|
|
|
void blk_iostatus_disable(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
blk->iostatus_enabled = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
void blk_iostatus_reset(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
if (blk_iostatus_is_enabled(blk)) {
|
|
|
|
blk->iostatus = BLOCK_DEVICE_IO_STATUS_OK;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void blk_iostatus_set_err(BlockBackend *blk, int error)
|
|
|
|
{
|
|
|
|
assert(blk_iostatus_is_enabled(blk));
|
|
|
|
if (blk->iostatus == BLOCK_DEVICE_IO_STATUS_OK) {
|
|
|
|
blk->iostatus = error == ENOSPC ? BLOCK_DEVICE_IO_STATUS_NOSPACE :
|
|
|
|
BLOCK_DEVICE_IO_STATUS_FAILED;
|
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2016-03-08 16:39:49 +01:00
|
|
|
void blk_set_allow_write_beyond_eof(BlockBackend *blk, bool allow)
|
|
|
|
{
|
|
|
|
blk->allow_write_beyond_eof = allow;
|
|
|
|
}
|
|
|
|
|
2019-05-06 19:18:02 +02:00
|
|
|
void blk_set_allow_aio_context_change(BlockBackend *blk, bool allow)
|
|
|
|
{
|
|
|
|
blk->allow_aio_context_change = allow;
|
|
|
|
}
|
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
void blk_set_disable_request_queuing(BlockBackend *blk, bool disable)
|
|
|
|
{
|
|
|
|
blk->disable_request_queuing = disable;
|
|
|
|
}
|
|
|
|
|
2015-02-05 19:58:23 +01:00
|
|
|
static int blk_check_byte_request(BlockBackend *blk, int64_t offset,
|
|
|
|
size_t size)
|
|
|
|
{
|
|
|
|
int64_t len;
|
|
|
|
|
|
|
|
if (size > INT_MAX) {
|
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
2015-02-05 19:58:23 +01:00
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (offset < 0) {
|
|
|
|
return -EIO;
|
|
|
|
}
|
|
|
|
|
2016-03-08 16:39:49 +01:00
|
|
|
if (!blk->allow_write_beyond_eof) {
|
|
|
|
len = blk_getlength(blk);
|
|
|
|
if (len < 0) {
|
|
|
|
return len;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (offset > len || len - offset < size) {
|
|
|
|
return -EIO;
|
|
|
|
}
|
2015-02-05 19:58:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
static void coroutine_fn blk_wait_while_drained(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
if (blk->quiesce_counter && !blk->disable_request_queuing) {
|
|
|
|
qemu_co_queue_wait(&blk->queued_requests, NULL);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-04-14 16:40:16 +02:00
|
|
|
int coroutine_fn blk_co_preadv(BlockBackend *blk, int64_t offset,
|
|
|
|
unsigned int bytes, QEMUIOVector *qiov,
|
|
|
|
BdrvRequestFlags flags)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-04-14 16:40:16 +02:00
|
|
|
int ret;
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
BlockDriverState *bs;
|
2016-04-14 16:40:16 +02:00
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
blk_wait_while_drained(blk);
|
2016-04-14 16:40:16 +02:00
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
/* Call blk_bs() only after waiting, the graph may have changed */
|
|
|
|
bs = blk_bs(blk);
|
2016-10-27 12:48:52 +02:00
|
|
|
trace_blk_co_preadv(blk, bs, offset, bytes, flags);
|
2016-04-14 16:40:16 +02:00
|
|
|
|
|
|
|
ret = blk_check_byte_request(blk, offset, bytes);
|
2015-02-05 19:58:23 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2016-10-27 12:48:52 +02:00
|
|
|
bdrv_inc_in_flight(bs);
|
|
|
|
|
2016-03-21 13:30:30 +01:00
|
|
|
/* throttling disk I/O */
|
2017-08-25 15:20:23 +02:00
|
|
|
if (blk->public.throttle_group_member.throttle_state) {
|
|
|
|
throttle_group_co_io_limits_intercept(&blk->public.throttle_group_member,
|
|
|
|
bytes, false);
|
2016-03-21 13:30:30 +01:00
|
|
|
}
|
|
|
|
|
2016-10-27 12:48:52 +02:00
|
|
|
ret = bdrv_co_preadv(blk->root, offset, bytes, qiov, flags);
|
|
|
|
bdrv_dec_in_flight(bs);
|
|
|
|
return ret;
|
2016-03-08 13:47:47 +01:00
|
|
|
}
|
|
|
|
|
2019-10-11 11:07:09 +02:00
|
|
|
int coroutine_fn blk_co_pwritev_part(BlockBackend *blk, int64_t offset,
|
|
|
|
unsigned int bytes,
|
|
|
|
QEMUIOVector *qiov, size_t qiov_offset,
|
|
|
|
BdrvRequestFlags flags)
|
2016-03-08 13:47:48 +01:00
|
|
|
{
|
2016-03-04 14:28:01 +01:00
|
|
|
int ret;
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
BlockDriverState *bs;
|
2016-03-04 14:28:01 +01:00
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
blk_wait_while_drained(blk);
|
2016-03-04 14:28:01 +01:00
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
/* Call blk_bs() only after waiting, the graph may have changed */
|
|
|
|
bs = blk_bs(blk);
|
2016-10-27 12:48:52 +02:00
|
|
|
trace_blk_co_pwritev(blk, bs, offset, bytes, flags);
|
2016-04-14 16:40:16 +02:00
|
|
|
|
2016-03-04 14:28:01 +01:00
|
|
|
ret = blk_check_byte_request(blk, offset, bytes);
|
2016-03-08 13:47:48 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2016-10-27 12:48:52 +02:00
|
|
|
bdrv_inc_in_flight(bs);
|
2016-03-21 13:30:30 +01:00
|
|
|
/* throttling disk I/O */
|
2017-08-25 15:20:23 +02:00
|
|
|
if (blk->public.throttle_group_member.throttle_state) {
|
|
|
|
throttle_group_co_io_limits_intercept(&blk->public.throttle_group_member,
|
|
|
|
bytes, true);
|
2016-03-21 13:30:30 +01:00
|
|
|
}
|
|
|
|
|
2016-03-04 14:28:01 +01:00
|
|
|
if (!blk->enable_write_cache) {
|
|
|
|
flags |= BDRV_REQ_FUA;
|
|
|
|
}
|
|
|
|
|
2019-10-11 11:07:09 +02:00
|
|
|
ret = bdrv_co_pwritev_part(blk->root, offset, bytes, qiov, qiov_offset,
|
|
|
|
flags);
|
2016-10-27 12:48:52 +02:00
|
|
|
bdrv_dec_in_flight(bs);
|
|
|
|
return ret;
|
2016-03-08 13:47:48 +01:00
|
|
|
}
|
|
|
|
|
2019-10-11 11:07:09 +02:00
|
|
|
int coroutine_fn blk_co_pwritev(BlockBackend *blk, int64_t offset,
|
|
|
|
unsigned int bytes, QEMUIOVector *qiov,
|
|
|
|
BdrvRequestFlags flags)
|
|
|
|
{
|
|
|
|
return blk_co_pwritev_part(blk, offset, bytes, qiov, 0, flags);
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:47 +01:00
|
|
|
typedef struct BlkRwCo {
|
|
|
|
BlockBackend *blk;
|
|
|
|
int64_t offset;
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
void *iobuf;
|
2016-03-08 13:47:47 +01:00
|
|
|
int ret;
|
|
|
|
BdrvRequestFlags flags;
|
|
|
|
} BlkRwCo;
|
|
|
|
|
|
|
|
static void blk_read_entry(void *opaque)
|
|
|
|
{
|
|
|
|
BlkRwCo *rwco = opaque;
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
QEMUIOVector *qiov = rwco->iobuf;
|
2016-03-08 13:47:47 +01:00
|
|
|
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
rwco->ret = blk_co_preadv(rwco->blk, rwco->offset, qiov->size,
|
|
|
|
qiov, rwco->flags);
|
block: Fix hangs in synchronous APIs with iothreads
In the block layer, synchronous APIs are often implemented by creating a
coroutine that calls the asynchronous coroutine-based implementation and
then waiting for completion with BDRV_POLL_WHILE().
For this to work with iothreads (more specifically, when the synchronous
API is called in a thread that is not the home thread of the block
device, so that the coroutine will run in a different thread), we must
make sure to call aio_wait_kick() at the end of the operation. Many
places are missing this, so that BDRV_POLL_WHILE() keeps hanging even if
the condition has long become false.
Note that bdrv_dec_in_flight() involves an aio_wait_kick() call. This
corresponds to the BDRV_POLL_WHILE() in the drain functions, but it is
generally not enough for most other operations because they haven't set
the return value in the coroutine entry stub yet. To avoid race
conditions there, we need to kick after setting the return value.
The race window is small enough that the problem doesn't usually surface
in the common path. However, it does surface and causes easily
reproducible hangs if the operation can return early before even calling
bdrv_inc/dec_in_flight, which many of them do (trivial error or no-op
success paths).
The bug in bdrv_truncate(), bdrv_check() and bdrv_invalidate_cache() is
slightly different: These functions even neglected to schedule the
coroutine in the home thread of the node. This avoids the hang, but is
obviously wrong, too. Fix those to schedule the coroutine in the right
AioContext in addition to adding aio_wait_kick() calls.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-01-07 13:02:48 +01:00
|
|
|
aio_wait_kick();
|
2016-03-08 13:47:47 +01:00
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:48 +01:00
|
|
|
static void blk_write_entry(void *opaque)
|
|
|
|
{
|
|
|
|
BlkRwCo *rwco = opaque;
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
QEMUIOVector *qiov = rwco->iobuf;
|
2016-03-08 13:47:48 +01:00
|
|
|
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
rwco->ret = blk_co_pwritev(rwco->blk, rwco->offset, qiov->size,
|
|
|
|
qiov, rwco->flags);
|
block: Fix hangs in synchronous APIs with iothreads
In the block layer, synchronous APIs are often implemented by creating a
coroutine that calls the asynchronous coroutine-based implementation and
then waiting for completion with BDRV_POLL_WHILE().
For this to work with iothreads (more specifically, when the synchronous
API is called in a thread that is not the home thread of the block
device, so that the coroutine will run in a different thread), we must
make sure to call aio_wait_kick() at the end of the operation. Many
places are missing this, so that BDRV_POLL_WHILE() keeps hanging even if
the condition has long become false.
Note that bdrv_dec_in_flight() involves an aio_wait_kick() call. This
corresponds to the BDRV_POLL_WHILE() in the drain functions, but it is
generally not enough for most other operations because they haven't set
the return value in the coroutine entry stub yet. To avoid race
conditions there, we need to kick after setting the return value.
The race window is small enough that the problem doesn't usually surface
in the common path. However, it does surface and causes easily
reproducible hangs if the operation can return early before even calling
bdrv_inc/dec_in_flight, which many of them do (trivial error or no-op
success paths).
The bug in bdrv_truncate(), bdrv_check() and bdrv_invalidate_cache() is
slightly different: These functions even neglected to schedule the
coroutine in the home thread of the node. This avoids the hang, but is
obviously wrong, too. Fix those to schedule the coroutine in the right
AioContext in addition to adding aio_wait_kick() calls.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-01-07 13:02:48 +01:00
|
|
|
aio_wait_kick();
|
2016-03-08 13:47:48 +01:00
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:51 +01:00
|
|
|
static int blk_prw(BlockBackend *blk, int64_t offset, uint8_t *buf,
|
|
|
|
int64_t bytes, CoroutineEntry co_entry,
|
|
|
|
BdrvRequestFlags flags)
|
2016-03-08 13:47:47 +01:00
|
|
|
{
|
2019-02-18 15:09:12 +01:00
|
|
|
QEMUIOVector qiov = QEMU_IOVEC_INIT_BUF(qiov, buf, bytes);
|
|
|
|
BlkRwCo rwco = {
|
2016-03-08 13:47:47 +01:00
|
|
|
.blk = blk,
|
2016-03-08 13:47:51 +01:00
|
|
|
.offset = offset,
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
.iobuf = &qiov,
|
2016-03-08 13:47:50 +01:00
|
|
|
.flags = flags,
|
2016-03-08 13:47:47 +01:00
|
|
|
.ret = NOT_DONE,
|
|
|
|
};
|
|
|
|
|
2017-02-13 14:52:20 +01:00
|
|
|
if (qemu_in_coroutine()) {
|
|
|
|
/* Fast-path if already in coroutine context */
|
|
|
|
co_entry(&rwco);
|
|
|
|
} else {
|
|
|
|
Coroutine *co = qemu_coroutine_create(co_entry, &rwco);
|
block: Use bdrv_coroutine_enter to start I/O coroutines
BDRV_POLL_WHILE waits for the started I/O by releasing bs's ctx then polling
the main context, which relies on the yielded coroutine continuing on bs->ctx
before notifying qemu_aio_context with bdrv_wakeup().
Thus, using qemu_coroutine_enter to start I/O is wrong because if the coroutine
is entered from main loop, co->ctx will be qemu_aio_context, as a result of the
"release, poll, acquire" loop of BDRV_POLL_WHILE, race conditions happen when
both main thread and the iothread access the same BDS:
main loop iothread
-----------------------------------------------------------------------
blockdev_snapshot
aio_context_acquire(bs->ctx)
virtio_scsi_data_plane_handle_cmd
bdrv_drained_begin(bs->ctx)
bdrv_flush(bs)
bdrv_co_flush(bs) aio_context_acquire(bs->ctx).enter
...
qemu_coroutine_yield(co)
BDRV_POLL_WHILE()
aio_context_release(bs->ctx)
aio_context_acquire(bs->ctx).return
...
aio_co_wake(co)
aio_poll(qemu_aio_context) ...
co_schedule_bh_cb() ...
qemu_coroutine_enter(co) ...
/* (A) bdrv_co_flush(bs) /* (B) I/O on bs */
continues... */
aio_context_release(bs->ctx)
aio_context_acquire(bs->ctx)
Note that in above case, bdrv_drained_begin() doesn't do the "release,
poll, acquire" in BDRV_POLL_WHILE, because bs->in_flight == 0.
Fix this by using bdrv_coroutine_enter and enter coroutine in the right
context.
iotests 109 output is updated because the coroutine reenter flow during
mirror job complete is different (now through co_queue_wakeup, instead
of the unconditional qemu_coroutine_switch before), making the end job
len different.
Signed-off-by: Fam Zheng <famz@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
2017-04-10 14:20:17 +02:00
|
|
|
bdrv_coroutine_enter(blk_bs(blk), co);
|
2017-02-13 14:52:20 +01:00
|
|
|
BDRV_POLL_WHILE(blk_bs(blk), rwco.ret == NOT_DONE);
|
|
|
|
}
|
2016-03-08 13:47:47 +01:00
|
|
|
|
|
|
|
return rwco.ret;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2016-05-25 00:25:20 +02:00
|
|
|
int blk_pwrite_zeroes(BlockBackend *blk, int64_t offset,
|
2017-06-09 12:18:08 +02:00
|
|
|
int bytes, BdrvRequestFlags flags)
|
2015-03-19 13:33:31 +01:00
|
|
|
{
|
2017-06-09 12:18:08 +02:00
|
|
|
return blk_prw(blk, offset, NULL, bytes, blk_write_entry,
|
2016-05-06 18:26:29 +02:00
|
|
|
flags | BDRV_REQ_ZERO_WRITE);
|
2015-03-19 13:33:31 +01:00
|
|
|
}
|
|
|
|
|
2016-06-16 15:13:15 +02:00
|
|
|
int blk_make_zero(BlockBackend *blk, BdrvRequestFlags flags)
|
|
|
|
{
|
|
|
|
return bdrv_make_zero(blk->root, flags);
|
|
|
|
}
|
|
|
|
|
2019-02-14 18:42:44 +01:00
|
|
|
void blk_inc_in_flight(BlockBackend *blk)
|
2018-02-16 17:50:13 +01:00
|
|
|
{
|
|
|
|
atomic_inc(&blk->in_flight);
|
|
|
|
}
|
|
|
|
|
2019-02-14 18:42:44 +01:00
|
|
|
void blk_dec_in_flight(BlockBackend *blk)
|
2018-02-16 17:50:13 +01:00
|
|
|
{
|
|
|
|
atomic_dec(&blk->in_flight);
|
2018-09-18 17:09:16 +02:00
|
|
|
aio_wait_kick();
|
2018-02-16 17:50:13 +01:00
|
|
|
}
|
|
|
|
|
2015-02-05 19:58:23 +01:00
|
|
|
static void error_callback_bh(void *opaque)
|
|
|
|
{
|
|
|
|
struct BlockBackendAIOCB *acb = opaque;
|
2016-10-27 12:48:52 +02:00
|
|
|
|
2018-02-16 17:50:13 +01:00
|
|
|
blk_dec_in_flight(acb->blk);
|
2015-02-05 19:58:23 +01:00
|
|
|
acb->common.cb(acb->common.opaque, acb->ret);
|
|
|
|
qemu_aio_unref(acb);
|
|
|
|
}
|
|
|
|
|
2015-11-17 21:06:21 +01:00
|
|
|
BlockAIOCB *blk_abort_aio_request(BlockBackend *blk,
|
|
|
|
BlockCompletionFunc *cb,
|
|
|
|
void *opaque, int ret)
|
2015-02-05 19:58:23 +01:00
|
|
|
{
|
|
|
|
struct BlockBackendAIOCB *acb;
|
|
|
|
|
2018-02-16 17:50:13 +01:00
|
|
|
blk_inc_in_flight(blk);
|
2015-02-05 19:58:23 +01:00
|
|
|
acb = blk_aio_get(&block_backend_aiocb_info, blk, cb, opaque);
|
2015-10-19 17:53:18 +02:00
|
|
|
acb->blk = blk;
|
2015-02-05 19:58:23 +01:00
|
|
|
acb->ret = ret;
|
|
|
|
|
2019-09-17 13:58:19 +02:00
|
|
|
replay_bh_schedule_oneshot_event(blk_get_aio_context(blk),
|
|
|
|
error_callback_bh, acb);
|
2015-02-05 19:58:23 +01:00
|
|
|
return &acb->common;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:52 +01:00
|
|
|
typedef struct BlkAioEmAIOCB {
|
|
|
|
BlockAIOCB common;
|
|
|
|
BlkRwCo rwco;
|
2016-04-13 12:47:08 +02:00
|
|
|
int bytes;
|
2016-03-08 13:47:52 +01:00
|
|
|
bool has_returned;
|
|
|
|
} BlkAioEmAIOCB;
|
|
|
|
|
|
|
|
static const AIOCBInfo blk_aio_em_aiocb_info = {
|
|
|
|
.aiocb_size = sizeof(BlkAioEmAIOCB),
|
|
|
|
};
|
|
|
|
|
|
|
|
static void blk_aio_complete(BlkAioEmAIOCB *acb)
|
|
|
|
{
|
|
|
|
if (acb->has_returned) {
|
|
|
|
acb->common.cb(acb->common.opaque, acb->rwco.ret);
|
2018-09-06 17:47:22 +02:00
|
|
|
blk_dec_in_flight(acb->rwco.blk);
|
2016-03-08 13:47:52 +01:00
|
|
|
qemu_aio_unref(acb);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void blk_aio_complete_bh(void *opaque)
|
|
|
|
{
|
2016-10-03 18:14:16 +02:00
|
|
|
BlkAioEmAIOCB *acb = opaque;
|
|
|
|
assert(acb->has_returned);
|
|
|
|
blk_aio_complete(acb);
|
2016-03-08 13:47:52 +01:00
|
|
|
}
|
|
|
|
|
2016-04-13 12:47:08 +02:00
|
|
|
static BlockAIOCB *blk_aio_prwv(BlockBackend *blk, int64_t offset, int bytes,
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
void *iobuf, CoroutineEntry co_entry,
|
2016-03-08 13:47:52 +01:00
|
|
|
BdrvRequestFlags flags,
|
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
|
|
|
{
|
|
|
|
BlkAioEmAIOCB *acb;
|
|
|
|
Coroutine *co;
|
|
|
|
|
2018-02-16 17:50:13 +01:00
|
|
|
blk_inc_in_flight(blk);
|
2016-03-08 13:47:52 +01:00
|
|
|
acb = blk_aio_get(&blk_aio_em_aiocb_info, blk, cb, opaque);
|
|
|
|
acb->rwco = (BlkRwCo) {
|
|
|
|
.blk = blk,
|
|
|
|
.offset = offset,
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
.iobuf = iobuf,
|
2016-03-08 13:47:52 +01:00
|
|
|
.flags = flags,
|
|
|
|
.ret = NOT_DONE,
|
|
|
|
};
|
2016-04-13 12:47:08 +02:00
|
|
|
acb->bytes = bytes;
|
2016-03-08 13:47:52 +01:00
|
|
|
acb->has_returned = false;
|
|
|
|
|
coroutine: move entry argument to qemu_coroutine_create
In practice the entry argument is always known at creation time, and
it is confusing that sometimes qemu_coroutine_enter is used with a
non-NULL argument to re-enter a coroutine (this happens in
block/sheepdog.c and tests/test-coroutine.c). So pass the opaque value
at creation time, for consistency with e.g. aio_bh_new.
Mostly done with the following semantic patch:
@ entry1 @
expression entry, arg, co;
@@
- co = qemu_coroutine_create(entry);
+ co = qemu_coroutine_create(entry, arg);
...
- qemu_coroutine_enter(co, arg);
+ qemu_coroutine_enter(co);
@ entry2 @
expression entry, arg;
identifier co;
@@
- Coroutine *co = qemu_coroutine_create(entry);
+ Coroutine *co = qemu_coroutine_create(entry, arg);
...
- qemu_coroutine_enter(co, arg);
+ qemu_coroutine_enter(co);
@ entry3 @
expression entry, arg;
@@
- qemu_coroutine_enter(qemu_coroutine_create(entry), arg);
+ qemu_coroutine_enter(qemu_coroutine_create(entry, arg));
@ reentry @
expression co;
@@
- qemu_coroutine_enter(co, NULL);
+ qemu_coroutine_enter(co);
except for the aforementioned few places where the semantic patch
stumbled (as expected) and for test_co_queue, which would otherwise
produce an uninitialized variable warning.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-07-04 19:10:01 +02:00
|
|
|
co = qemu_coroutine_create(co_entry, acb);
|
block: Use bdrv_coroutine_enter to start I/O coroutines
BDRV_POLL_WHILE waits for the started I/O by releasing bs's ctx then polling
the main context, which relies on the yielded coroutine continuing on bs->ctx
before notifying qemu_aio_context with bdrv_wakeup().
Thus, using qemu_coroutine_enter to start I/O is wrong because if the coroutine
is entered from main loop, co->ctx will be qemu_aio_context, as a result of the
"release, poll, acquire" loop of BDRV_POLL_WHILE, race conditions happen when
both main thread and the iothread access the same BDS:
main loop iothread
-----------------------------------------------------------------------
blockdev_snapshot
aio_context_acquire(bs->ctx)
virtio_scsi_data_plane_handle_cmd
bdrv_drained_begin(bs->ctx)
bdrv_flush(bs)
bdrv_co_flush(bs) aio_context_acquire(bs->ctx).enter
...
qemu_coroutine_yield(co)
BDRV_POLL_WHILE()
aio_context_release(bs->ctx)
aio_context_acquire(bs->ctx).return
...
aio_co_wake(co)
aio_poll(qemu_aio_context) ...
co_schedule_bh_cb() ...
qemu_coroutine_enter(co) ...
/* (A) bdrv_co_flush(bs) /* (B) I/O on bs */
continues... */
aio_context_release(bs->ctx)
aio_context_acquire(bs->ctx)
Note that in above case, bdrv_drained_begin() doesn't do the "release,
poll, acquire" in BDRV_POLL_WHILE, because bs->in_flight == 0.
Fix this by using bdrv_coroutine_enter and enter coroutine in the right
context.
iotests 109 output is updated because the coroutine reenter flow during
mirror job complete is different (now through co_queue_wakeup, instead
of the unconditional qemu_coroutine_switch before), making the end job
len different.
Signed-off-by: Fam Zheng <famz@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
2017-04-10 14:20:17 +02:00
|
|
|
bdrv_coroutine_enter(blk_bs(blk), co);
|
2016-03-08 13:47:52 +01:00
|
|
|
|
|
|
|
acb->has_returned = true;
|
|
|
|
if (acb->rwco.ret != NOT_DONE) {
|
2019-09-17 13:58:19 +02:00
|
|
|
replay_bh_schedule_oneshot_event(blk_get_aio_context(blk),
|
|
|
|
blk_aio_complete_bh, acb);
|
2016-03-08 13:47:52 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return &acb->common;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void blk_aio_read_entry(void *opaque)
|
|
|
|
{
|
|
|
|
BlkAioEmAIOCB *acb = opaque;
|
|
|
|
BlkRwCo *rwco = &acb->rwco;
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
QEMUIOVector *qiov = rwco->iobuf;
|
2016-03-08 13:47:52 +01:00
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
if (rwco->blk->quiesce_counter) {
|
|
|
|
blk_dec_in_flight(rwco->blk);
|
|
|
|
blk_wait_while_drained(rwco->blk);
|
|
|
|
blk_inc_in_flight(rwco->blk);
|
|
|
|
}
|
|
|
|
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
assert(qiov->size == acb->bytes);
|
2016-04-13 12:47:08 +02:00
|
|
|
rwco->ret = blk_co_preadv(rwco->blk, rwco->offset, acb->bytes,
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
qiov, rwco->flags);
|
2016-03-08 13:47:52 +01:00
|
|
|
blk_aio_complete(acb);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void blk_aio_write_entry(void *opaque)
|
|
|
|
{
|
|
|
|
BlkAioEmAIOCB *acb = opaque;
|
|
|
|
BlkRwCo *rwco = &acb->rwco;
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
QEMUIOVector *qiov = rwco->iobuf;
|
2016-03-08 13:47:52 +01:00
|
|
|
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
if (rwco->blk->quiesce_counter) {
|
|
|
|
blk_dec_in_flight(rwco->blk);
|
|
|
|
blk_wait_while_drained(rwco->blk);
|
|
|
|
blk_inc_in_flight(rwco->blk);
|
|
|
|
}
|
|
|
|
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
assert(!qiov || qiov->size == acb->bytes);
|
2016-04-13 12:47:08 +02:00
|
|
|
rwco->ret = blk_co_pwritev(rwco->blk, rwco->offset, acb->bytes,
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
qiov, rwco->flags);
|
2016-03-08 13:47:52 +01:00
|
|
|
blk_aio_complete(acb);
|
|
|
|
}
|
|
|
|
|
2016-05-25 00:25:20 +02:00
|
|
|
BlockAIOCB *blk_aio_pwrite_zeroes(BlockBackend *blk, int64_t offset,
|
|
|
|
int count, BdrvRequestFlags flags,
|
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-05-06 18:26:29 +02:00
|
|
|
return blk_aio_prwv(blk, offset, count, NULL, blk_aio_write_entry,
|
|
|
|
flags | BDRV_REQ_ZERO_WRITE, cb, opaque);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
int blk_pread(BlockBackend *blk, int64_t offset, void *buf, int count)
|
|
|
|
{
|
2016-03-08 13:47:51 +01:00
|
|
|
int ret = blk_prw(blk, offset, buf, count, blk_read_entry, 0);
|
2015-02-05 19:58:23 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
2016-03-08 13:47:51 +01:00
|
|
|
return count;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2016-05-06 18:26:27 +02:00
|
|
|
int blk_pwrite(BlockBackend *blk, int64_t offset, const void *buf, int count,
|
|
|
|
BdrvRequestFlags flags)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-05-06 18:26:27 +02:00
|
|
|
int ret = blk_prw(blk, offset, (void *) buf, count, blk_write_entry,
|
|
|
|
flags);
|
2015-02-05 19:58:23 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
2016-03-08 13:47:51 +01:00
|
|
|
return count;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
int64_t blk_getlength(BlockBackend *blk)
|
|
|
|
{
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
return bdrv_getlength(blk_bs(blk));
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_get_geometry(BlockBackend *blk, uint64_t *nb_sectors_ptr)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
if (!blk_bs(blk)) {
|
2015-10-19 17:53:27 +02:00
|
|
|
*nb_sectors_ptr = 0;
|
|
|
|
} else {
|
2016-03-08 13:47:46 +01:00
|
|
|
bdrv_get_geometry(blk_bs(blk), nb_sectors_ptr);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2015-02-05 19:58:10 +01:00
|
|
|
int64_t blk_nb_sectors(BlockBackend *blk)
|
|
|
|
{
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
return bdrv_nb_sectors(blk_bs(blk));
|
2015-02-05 19:58:10 +01:00
|
|
|
}
|
|
|
|
|
2016-05-06 18:26:30 +02:00
|
|
|
BlockAIOCB *blk_aio_preadv(BlockBackend *blk, int64_t offset,
|
|
|
|
QEMUIOVector *qiov, BdrvRequestFlags flags,
|
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
|
|
|
{
|
|
|
|
return blk_aio_prwv(blk, offset, qiov->size, qiov,
|
|
|
|
blk_aio_read_entry, flags, cb, opaque);
|
|
|
|
}
|
|
|
|
|
|
|
|
BlockAIOCB *blk_aio_pwritev(BlockBackend *blk, int64_t offset,
|
|
|
|
QEMUIOVector *qiov, BdrvRequestFlags flags,
|
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
|
|
|
{
|
|
|
|
return blk_aio_prwv(blk, offset, qiov->size, qiov,
|
|
|
|
blk_aio_write_entry, flags, cb, opaque);
|
|
|
|
}
|
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
static void blk_aio_flush_entry(void *opaque)
|
|
|
|
{
|
|
|
|
BlkAioEmAIOCB *acb = opaque;
|
|
|
|
BlkRwCo *rwco = &acb->rwco;
|
|
|
|
|
|
|
|
rwco->ret = blk_co_flush(rwco->blk);
|
|
|
|
blk_aio_complete(acb);
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:18 +02:00
|
|
|
BlockAIOCB *blk_aio_flush(BlockBackend *blk,
|
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
|
|
|
{
|
2016-10-20 12:56:14 +02:00
|
|
|
return blk_aio_prwv(blk, 0, 0, NULL, blk_aio_flush_entry, 0, cb, opaque);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
static void blk_aio_pdiscard_entry(void *opaque)
|
|
|
|
{
|
|
|
|
BlkAioEmAIOCB *acb = opaque;
|
|
|
|
BlkRwCo *rwco = &acb->rwco;
|
|
|
|
|
|
|
|
rwco->ret = blk_co_pdiscard(rwco->blk, rwco->offset, acb->bytes);
|
|
|
|
blk_aio_complete(acb);
|
|
|
|
}
|
|
|
|
|
2016-07-16 01:22:54 +02:00
|
|
|
BlockAIOCB *blk_aio_pdiscard(BlockBackend *blk,
|
2017-06-09 12:18:08 +02:00
|
|
|
int64_t offset, int bytes,
|
2016-07-16 01:22:54 +02:00
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2017-06-09 12:18:08 +02:00
|
|
|
return blk_aio_prwv(blk, offset, bytes, NULL, blk_aio_pdiscard_entry, 0,
|
2016-10-20 12:56:14 +02:00
|
|
|
cb, opaque);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_aio_cancel(BlockAIOCB *acb)
|
|
|
|
{
|
|
|
|
bdrv_aio_cancel(acb);
|
|
|
|
}
|
|
|
|
|
|
|
|
void blk_aio_cancel_async(BlockAIOCB *acb)
|
|
|
|
{
|
|
|
|
bdrv_aio_cancel_async(acb);
|
|
|
|
}
|
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
int blk_co_ioctl(BlockBackend *blk, unsigned long int req, void *buf)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
blk_wait_while_drained(blk);
|
|
|
|
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
return bdrv_co_ioctl(blk_bs(blk), req, buf);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void blk_ioctl_entry(void *opaque)
|
|
|
|
{
|
|
|
|
BlkRwCo *rwco = opaque;
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
QEMUIOVector *qiov = rwco->iobuf;
|
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
qiov->iov[0].iov_base);
|
block: Fix hangs in synchronous APIs with iothreads
In the block layer, synchronous APIs are often implemented by creating a
coroutine that calls the asynchronous coroutine-based implementation and
then waiting for completion with BDRV_POLL_WHILE().
For this to work with iothreads (more specifically, when the synchronous
API is called in a thread that is not the home thread of the block
device, so that the coroutine will run in a different thread), we must
make sure to call aio_wait_kick() at the end of the operation. Many
places are missing this, so that BDRV_POLL_WHILE() keeps hanging even if
the condition has long become false.
Note that bdrv_dec_in_flight() involves an aio_wait_kick() call. This
corresponds to the BDRV_POLL_WHILE() in the drain functions, but it is
generally not enough for most other operations because they haven't set
the return value in the coroutine entry stub yet. To avoid race
conditions there, we need to kick after setting the return value.
The race window is small enough that the problem doesn't usually surface
in the common path. However, it does surface and causes easily
reproducible hangs if the operation can return early before even calling
bdrv_inc/dec_in_flight, which many of them do (trivial error or no-op
success paths).
The bug in bdrv_truncate(), bdrv_check() and bdrv_invalidate_cache() is
slightly different: These functions even neglected to schedule the
coroutine in the home thread of the node. This avoids the hang, but is
obviously wrong, too. Fix those to schedule the coroutine in the right
AioContext in addition to adding aio_wait_kick() calls.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-01-07 13:02:48 +01:00
|
|
|
aio_wait_kick();
|
2016-10-20 12:56:14 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
int blk_ioctl(BlockBackend *blk, unsigned long int req, void *buf)
|
|
|
|
{
|
|
|
|
return blk_prw(blk, req, buf, 0, blk_ioctl_entry, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void blk_aio_ioctl_entry(void *opaque)
|
|
|
|
{
|
|
|
|
BlkAioEmAIOCB *acb = opaque;
|
|
|
|
BlkRwCo *rwco = &acb->rwco;
|
|
|
|
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset, rwco->iobuf);
|
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
blk_aio_complete(acb);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
BlockAIOCB *blk_aio_ioctl(BlockBackend *blk, unsigned long int req, void *buf,
|
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
|
|
|
{
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
return blk_aio_prwv(blk, req, 0, buf, blk_aio_ioctl_entry, 0, cb, opaque);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2017-06-09 12:18:08 +02:00
|
|
|
int blk_co_pdiscard(BlockBackend *blk, int64_t offset, int bytes)
|
2014-11-18 12:21:14 +01:00
|
|
|
{
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
int ret;
|
|
|
|
|
|
|
|
blk_wait_while_drained(blk);
|
|
|
|
|
|
|
|
ret = blk_check_byte_request(blk, offset, bytes);
|
2015-02-05 19:58:23 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2018-07-10 08:31:17 +02:00
|
|
|
return bdrv_co_pdiscard(blk->root, offset, bytes);
|
2014-11-18 12:21:14 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
int blk_co_flush(BlockBackend *blk)
|
|
|
|
{
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
blk_wait_while_drained(blk);
|
|
|
|
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
return bdrv_co_flush(blk_bs(blk));
|
2014-11-18 12:21:14 +01:00
|
|
|
}
|
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
static void blk_flush_entry(void *opaque)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-10-20 12:56:14 +02:00
|
|
|
BlkRwCo *rwco = opaque;
|
|
|
|
rwco->ret = blk_co_flush(rwco->blk);
|
block: Fix hangs in synchronous APIs with iothreads
In the block layer, synchronous APIs are often implemented by creating a
coroutine that calls the asynchronous coroutine-based implementation and
then waiting for completion with BDRV_POLL_WHILE().
For this to work with iothreads (more specifically, when the synchronous
API is called in a thread that is not the home thread of the block
device, so that the coroutine will run in a different thread), we must
make sure to call aio_wait_kick() at the end of the operation. Many
places are missing this, so that BDRV_POLL_WHILE() keeps hanging even if
the condition has long become false.
Note that bdrv_dec_in_flight() involves an aio_wait_kick() call. This
corresponds to the BDRV_POLL_WHILE() in the drain functions, but it is
generally not enough for most other operations because they haven't set
the return value in the coroutine entry stub yet. To avoid race
conditions there, we need to kick after setting the return value.
The race window is small enough that the problem doesn't usually surface
in the common path. However, it does surface and causes easily
reproducible hangs if the operation can return early before even calling
bdrv_inc/dec_in_flight, which many of them do (trivial error or no-op
success paths).
The bug in bdrv_truncate(), bdrv_check() and bdrv_invalidate_cache() is
slightly different: These functions even neglected to schedule the
coroutine in the home thread of the node. This avoids the hang, but is
obviously wrong, too. Fix those to schedule the coroutine in the right
AioContext in addition to adding aio_wait_kick() calls.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-01-07 13:02:48 +01:00
|
|
|
aio_wait_kick();
|
2016-10-20 12:56:14 +02:00
|
|
|
}
|
2015-10-19 17:53:26 +02:00
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
int blk_flush(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return blk_prw(blk, 0, NULL, 0, blk_flush_entry, 0);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2015-06-17 12:37:19 +02:00
|
|
|
void blk_drain(BlockBackend *blk)
|
|
|
|
{
|
2018-02-16 17:50:13 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_drained_begin(bs);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* We may have -ENOMEDIUM completions in flight */
|
2018-09-18 17:09:16 +02:00
|
|
|
AIO_WAIT_WHILE(blk_get_aio_context(blk),
|
|
|
|
atomic_mb_read(&blk->in_flight) > 0);
|
2018-02-16 17:50:13 +01:00
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_drained_end(bs);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2015-06-17 12:37:19 +02:00
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:18 +02:00
|
|
|
void blk_drain_all(void)
|
|
|
|
{
|
2018-02-16 17:50:13 +01:00
|
|
|
BlockBackend *blk = NULL;
|
|
|
|
|
|
|
|
bdrv_drain_all_begin();
|
|
|
|
|
|
|
|
while ((blk = blk_all_next(blk)) != NULL) {
|
|
|
|
AioContext *ctx = blk_get_aio_context(blk);
|
|
|
|
|
|
|
|
aio_context_acquire(ctx);
|
|
|
|
|
|
|
|
/* We may have -ENOMEDIUM completions in flight */
|
2018-09-18 17:09:16 +02:00
|
|
|
AIO_WAIT_WHILE(ctx, atomic_mb_read(&blk->in_flight) > 0);
|
2018-02-16 17:50:13 +01:00
|
|
|
|
|
|
|
aio_context_release(ctx);
|
|
|
|
}
|
|
|
|
|
|
|
|
bdrv_drain_all_end();
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2015-10-19 17:53:22 +02:00
|
|
|
void blk_set_on_error(BlockBackend *blk, BlockdevOnError on_read_error,
|
|
|
|
BlockdevOnError on_write_error)
|
|
|
|
{
|
|
|
|
blk->on_read_error = on_read_error;
|
|
|
|
blk->on_write_error = on_write_error;
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:18 +02:00
|
|
|
BlockdevOnError blk_get_on_error(BlockBackend *blk, bool is_read)
|
|
|
|
{
|
2015-10-19 17:53:22 +02:00
|
|
|
return is_read ? blk->on_read_error : blk->on_write_error;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
BlockErrorAction blk_get_error_action(BlockBackend *blk, bool is_read,
|
|
|
|
int error)
|
|
|
|
{
|
2015-10-19 17:53:22 +02:00
|
|
|
BlockdevOnError on_err = blk_get_on_error(blk, is_read);
|
|
|
|
|
|
|
|
switch (on_err) {
|
|
|
|
case BLOCKDEV_ON_ERROR_ENOSPC:
|
|
|
|
return (error == ENOSPC) ?
|
|
|
|
BLOCK_ERROR_ACTION_STOP : BLOCK_ERROR_ACTION_REPORT;
|
|
|
|
case BLOCKDEV_ON_ERROR_STOP:
|
|
|
|
return BLOCK_ERROR_ACTION_STOP;
|
|
|
|
case BLOCKDEV_ON_ERROR_REPORT:
|
|
|
|
return BLOCK_ERROR_ACTION_REPORT;
|
|
|
|
case BLOCKDEV_ON_ERROR_IGNORE:
|
|
|
|
return BLOCK_ERROR_ACTION_IGNORE;
|
2016-06-29 17:41:35 +02:00
|
|
|
case BLOCKDEV_ON_ERROR_AUTO:
|
2015-10-19 17:53:22 +02:00
|
|
|
default:
|
|
|
|
abort();
|
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2015-10-19 17:53:22 +02:00
|
|
|
static void send_qmp_error_event(BlockBackend *blk,
|
|
|
|
BlockErrorAction action,
|
|
|
|
bool is_read, int error)
|
|
|
|
{
|
|
|
|
IoOperationType optype;
|
2018-03-05 15:59:35 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
2015-10-19 17:53:22 +02:00
|
|
|
|
|
|
|
optype = is_read ? IO_OPERATION_TYPE_READ : IO_OPERATION_TYPE_WRITE;
|
2018-03-05 15:59:35 +01:00
|
|
|
qapi_event_send_block_io_error(blk_name(blk), !!bs,
|
|
|
|
bs ? bdrv_get_node_name(bs) : NULL, optype,
|
2016-09-29 16:47:58 +02:00
|
|
|
action, blk_iostatus_is_enabled(blk),
|
2018-08-15 15:37:37 +02:00
|
|
|
error == ENOSPC, strerror(error));
|
2015-10-19 17:53:22 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/* This is done by device models because, while the block layer knows
|
|
|
|
* about the error, it does not know whether an operation comes from
|
|
|
|
* the device or the block layer (from a job, for example).
|
|
|
|
*/
|
2014-10-07 13:59:18 +02:00
|
|
|
void blk_error_action(BlockBackend *blk, BlockErrorAction action,
|
|
|
|
bool is_read, int error)
|
|
|
|
{
|
2015-10-19 17:53:22 +02:00
|
|
|
assert(error >= 0);
|
|
|
|
|
|
|
|
if (action == BLOCK_ERROR_ACTION_STOP) {
|
|
|
|
/* First set the iostatus, so that "info block" returns an iostatus
|
|
|
|
* that matches the events raised so far (an additional error iostatus
|
|
|
|
* is fine, but not a lost one).
|
|
|
|
*/
|
|
|
|
blk_iostatus_set_err(blk, error);
|
|
|
|
|
|
|
|
/* Then raise the request to stop the VM and the event.
|
|
|
|
* qemu_system_vmstop_request_prepare has two effects. First,
|
|
|
|
* it ensures that the STOP event always comes after the
|
|
|
|
* BLOCK_IO_ERROR event. Second, it ensures that even if management
|
|
|
|
* can observe the STOP event and do a "cont" before the STOP
|
|
|
|
* event is issued, the VM will not stop. In this case, vm_start()
|
|
|
|
* also ensures that the STOP/RESUME pair of events is emitted.
|
|
|
|
*/
|
|
|
|
qemu_system_vmstop_request_prepare();
|
|
|
|
send_qmp_error_event(blk, action, is_read, error);
|
|
|
|
qemu_system_vmstop_request(RUN_STATE_IO_ERROR);
|
|
|
|
} else {
|
|
|
|
send_qmp_error_event(blk, action, is_read, error);
|
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2018-10-13 10:52:31 +02:00
|
|
|
bool blk_is_read_only(BlockBackend *blk)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
return bdrv_is_read_only(bs);
|
2015-10-19 17:53:25 +02:00
|
|
|
} else {
|
|
|
|
return blk->root_state.read_only;
|
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2018-10-13 10:52:31 +02:00
|
|
|
bool blk_is_sg(BlockBackend *blk)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (!bs) {
|
2018-10-13 10:52:31 +02:00
|
|
|
return false;
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
return bdrv_is_sg(bs);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2018-10-13 10:52:31 +02:00
|
|
|
bool blk_enable_write_cache(BlockBackend *blk)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-03-04 14:28:01 +01:00
|
|
|
return blk->enable_write_cache;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_set_enable_write_cache(BlockBackend *blk, bool wce)
|
|
|
|
{
|
2016-03-04 14:28:01 +01:00
|
|
|
blk->enable_write_cache = wce;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2014-11-18 12:21:14 +01:00
|
|
|
void blk_invalidate_cache(BlockBackend *blk, Error **errp)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (!bs) {
|
2015-10-19 17:53:26 +02:00
|
|
|
error_setg(errp, "Device '%s' has no medium", blk->name);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
bdrv_invalidate_cache(bs, errp);
|
2014-11-18 12:21:14 +01:00
|
|
|
}
|
|
|
|
|
2015-10-19 17:53:11 +02:00
|
|
|
bool blk_is_inserted(BlockBackend *blk)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
return bs && bdrv_is_inserted(bs);
|
2015-10-19 17:53:12 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
bool blk_is_available(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return blk_is_inserted(blk) && !blk_dev_is_tray_open(blk);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_lock_medium(BlockBackend *blk, bool locked)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_lock_medium(bs, locked);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_eject(BlockBackend *blk, bool eject_flag)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
2016-09-29 18:30:53 +02:00
|
|
|
char *id;
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
if (bs) {
|
|
|
|
bdrv_eject(bs, eject_flag);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2016-11-14 17:15:54 +01:00
|
|
|
|
|
|
|
/* Whether or not we ejected on the backend,
|
|
|
|
* the frontend experienced a tray event. */
|
|
|
|
id = blk_get_attached_dev_id(blk);
|
|
|
|
qapi_event_send_device_tray_moved(blk_name(blk), id,
|
2018-08-15 15:37:37 +02:00
|
|
|
eject_flag);
|
2016-11-14 17:15:54 +01:00
|
|
|
g_free(id);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
int blk_get_flags(BlockBackend *blk)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
return bdrv_get_flags(bs);
|
2015-10-19 17:53:25 +02:00
|
|
|
} else {
|
|
|
|
return blk->root_state.open_flags;
|
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2019-03-29 05:27:49 +01:00
|
|
|
/* Returns the minimum request alignment, in bytes; guaranteed nonzero */
|
|
|
|
uint32_t blk_get_request_alignment(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
return bs ? bs->bl.request_alignment : BDRV_SECTOR_SIZE;
|
|
|
|
}
|
|
|
|
|
2016-06-24 00:37:19 +02:00
|
|
|
/* Returns the maximum transfer length, in bytes; guaranteed nonzero */
|
|
|
|
uint32_t blk_get_max_transfer(BlockBackend *blk)
|
2015-02-02 14:52:20 +01:00
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
2016-06-24 00:37:19 +02:00
|
|
|
uint32_t max = 0;
|
2016-03-08 13:47:46 +01:00
|
|
|
|
|
|
|
if (bs) {
|
2016-06-24 00:37:19 +02:00
|
|
|
max = bs->bl.max_transfer;
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2016-06-24 00:37:19 +02:00
|
|
|
return MIN_NON_ZERO(max, INT_MAX);
|
2015-02-02 14:52:20 +01:00
|
|
|
}
|
|
|
|
|
2015-07-09 11:56:45 +02:00
|
|
|
int blk_get_max_iov(BlockBackend *blk)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
return blk->root->bs->bl.max_iov;
|
2015-07-09 11:56:45 +02:00
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:18 +02:00
|
|
|
void blk_set_guest_block_size(BlockBackend *blk, int align)
|
|
|
|
{
|
2015-10-19 17:53:19 +02:00
|
|
|
blk->guest_block_size = align;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2016-01-07 14:34:13 +01:00
|
|
|
void *blk_try_blockalign(BlockBackend *blk, size_t size)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
return qemu_try_blockalign(blk ? blk_bs(blk) : NULL, size);
|
2016-01-07 14:34:13 +01:00
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:18 +02:00
|
|
|
void *blk_blockalign(BlockBackend *blk, size_t size)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
return qemu_blockalign(blk ? blk_bs(blk) : NULL, size);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
bool blk_op_is_blocked(BlockBackend *blk, BlockOpType op, Error **errp)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (!bs) {
|
2015-10-19 17:53:27 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
return bdrv_op_is_blocked(bs, op, errp);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_op_unblock(BlockBackend *blk, BlockOpType op, Error *reason)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_op_unblock(bs, op, reason);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_op_block_all(BlockBackend *blk, Error *reason)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_op_block_all(bs, reason);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_op_unblock_all(BlockBackend *blk, Error *reason)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_op_unblock_all(bs, reason);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
AioContext *blk_get_aio_context(BlockBackend *blk)
|
|
|
|
{
|
2019-04-25 14:25:10 +02:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
2019-04-24 17:41:46 +02:00
|
|
|
AioContext *ctx = bdrv_get_aio_context(blk_bs(blk));
|
|
|
|
assert(ctx == blk->ctx);
|
2019-04-25 14:25:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return blk->ctx;
|
2015-10-19 17:53:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static AioContext *blk_aiocb_get_aio_context(BlockAIOCB *acb)
|
|
|
|
{
|
|
|
|
BlockBackendAIOCB *blk_acb = DO_UPCAST(BlockBackendAIOCB, common, acb);
|
|
|
|
return blk_get_aio_context(blk_acb->blk);
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2019-05-02 11:10:59 +02:00
|
|
|
static int blk_do_set_aio_context(BlockBackend *blk, AioContext *new_context,
|
|
|
|
bool update_root_node, Error **errp)
|
2014-10-07 13:59:18 +02:00
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
2017-08-25 15:20:24 +02:00
|
|
|
ThrottleGroupMember *tgm = &blk->public.throttle_group_member;
|
2019-05-02 11:10:59 +02:00
|
|
|
int ret;
|
2016-03-08 13:47:46 +01:00
|
|
|
|
|
|
|
if (bs) {
|
2019-05-02 11:10:59 +02:00
|
|
|
if (update_root_node) {
|
|
|
|
ret = bdrv_child_try_set_aio_context(bs, new_context, blk->root,
|
|
|
|
errp);
|
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
2017-08-25 15:20:24 +02:00
|
|
|
if (tgm->throttle_state) {
|
2017-11-10 16:19:34 +01:00
|
|
|
bdrv_drained_begin(bs);
|
2017-08-25 15:20:24 +02:00
|
|
|
throttle_group_detach_aio_context(tgm);
|
|
|
|
throttle_group_attach_aio_context(tgm, new_context);
|
2017-11-10 16:19:34 +01:00
|
|
|
bdrv_drained_end(bs);
|
2016-03-22 13:00:08 +01:00
|
|
|
}
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2019-05-02 11:10:59 +02:00
|
|
|
|
2019-04-25 14:25:10 +02:00
|
|
|
blk->ctx = new_context;
|
2019-05-02 11:10:59 +02:00
|
|
|
return 0;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
2019-05-02 11:10:59 +02:00
|
|
|
int blk_set_aio_context(BlockBackend *blk, AioContext *new_context,
|
|
|
|
Error **errp)
|
2019-05-06 19:18:01 +02:00
|
|
|
{
|
2019-05-02 11:10:59 +02:00
|
|
|
return blk_do_set_aio_context(blk, new_context, true, errp);
|
2019-05-06 19:18:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static bool blk_root_can_set_aio_ctx(BdrvChild *child, AioContext *ctx,
|
|
|
|
GSList **ignore, Error **errp)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
|
2019-05-06 19:18:02 +02:00
|
|
|
if (blk->allow_aio_context_change) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2019-05-06 19:18:01 +02:00
|
|
|
/* Only manually created BlockBackends that are not attached to anything
|
|
|
|
* can change their AioContext without updating their user. */
|
|
|
|
if (!blk->name || blk->dev) {
|
|
|
|
/* TODO Add BB name/QOM path */
|
|
|
|
error_setg(errp, "Cannot change iothread of active block backend");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void blk_root_set_aio_ctx(BdrvChild *child, AioContext *ctx,
|
|
|
|
GSList **ignore)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
2019-05-02 11:10:59 +02:00
|
|
|
blk_do_set_aio_context(blk, ctx, false, &error_abort);
|
2019-05-06 19:18:01 +02:00
|
|
|
}
|
|
|
|
|
2014-11-18 12:21:15 +01:00
|
|
|
void blk_add_aio_context_notifier(BlockBackend *blk,
|
|
|
|
void (*attached_aio_context)(AioContext *new_context, void *opaque),
|
|
|
|
void (*detach_aio_context)(void *opaque), void *opaque)
|
|
|
|
{
|
2018-03-06 21:48:18 +01:00
|
|
|
BlockBackendAioNotifier *notifier;
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
2018-03-06 21:48:18 +01:00
|
|
|
notifier = g_new(BlockBackendAioNotifier, 1);
|
|
|
|
notifier->attached_aio_context = attached_aio_context;
|
|
|
|
notifier->detach_aio_context = detach_aio_context;
|
|
|
|
notifier->opaque = opaque;
|
|
|
|
QLIST_INSERT_HEAD(&blk->aio_notifiers, notifier, list);
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
if (bs) {
|
|
|
|
bdrv_add_aio_context_notifier(bs, attached_aio_context,
|
2015-10-19 17:53:27 +02:00
|
|
|
detach_aio_context, opaque);
|
|
|
|
}
|
2014-11-18 12:21:15 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_remove_aio_context_notifier(BlockBackend *blk,
|
|
|
|
void (*attached_aio_context)(AioContext *,
|
|
|
|
void *),
|
|
|
|
void (*detach_aio_context)(void *),
|
|
|
|
void *opaque)
|
|
|
|
{
|
2018-03-06 21:48:18 +01:00
|
|
|
BlockBackendAioNotifier *notifier;
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_remove_aio_context_notifier(bs, attached_aio_context,
|
2015-10-19 17:53:27 +02:00
|
|
|
detach_aio_context, opaque);
|
|
|
|
}
|
2018-03-06 21:48:18 +01:00
|
|
|
|
|
|
|
QLIST_FOREACH(notifier, &blk->aio_notifiers, list) {
|
|
|
|
if (notifier->attached_aio_context == attached_aio_context &&
|
|
|
|
notifier->detach_aio_context == detach_aio_context &&
|
|
|
|
notifier->opaque == opaque) {
|
|
|
|
QLIST_REMOVE(notifier, list);
|
|
|
|
g_free(notifier);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
abort();
|
2014-11-18 12:21:15 +01:00
|
|
|
}
|
|
|
|
|
2016-01-29 16:36:03 +01:00
|
|
|
void blk_add_remove_bs_notifier(BlockBackend *blk, Notifier *notify)
|
|
|
|
{
|
|
|
|
notifier_list_add(&blk->remove_bs_notifiers, notify);
|
|
|
|
}
|
|
|
|
|
|
|
|
void blk_add_insert_bs_notifier(BlockBackend *blk, Notifier *notify)
|
|
|
|
{
|
|
|
|
notifier_list_add(&blk->insert_bs_notifiers, notify);
|
|
|
|
}
|
|
|
|
|
2014-10-07 13:59:18 +02:00
|
|
|
void blk_io_plug(BlockBackend *blk)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_io_plug(bs);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_io_unplug(BlockBackend *blk)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
|
|
|
|
if (bs) {
|
|
|
|
bdrv_io_unplug(bs);
|
2015-10-19 17:53:27 +02:00
|
|
|
}
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
BlockAcctStats *blk_get_stats(BlockBackend *blk)
|
|
|
|
{
|
2015-10-19 17:53:21 +02:00
|
|
|
return &blk->stats;
|
2014-10-07 13:59:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void *blk_aio_get(const AIOCBInfo *aiocb_info, BlockBackend *blk,
|
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
|
|
|
{
|
|
|
|
return qemu_aio_get(aiocb_info, blk_bs(blk), cb, opaque);
|
|
|
|
}
|
2015-02-05 19:58:10 +01:00
|
|
|
|
2016-05-25 00:25:20 +02:00
|
|
|
int coroutine_fn blk_co_pwrite_zeroes(BlockBackend *blk, int64_t offset,
|
2017-06-09 12:18:08 +02:00
|
|
|
int bytes, BdrvRequestFlags flags)
|
2015-02-05 19:58:10 +01:00
|
|
|
{
|
2017-06-09 12:18:08 +02:00
|
|
|
return blk_co_pwritev(blk, offset, bytes, NULL,
|
2016-04-15 10:21:04 +02:00
|
|
|
flags | BDRV_REQ_ZERO_WRITE);
|
2015-02-05 19:58:10 +01:00
|
|
|
}
|
|
|
|
|
2016-07-22 10:17:40 +02:00
|
|
|
int blk_pwrite_compressed(BlockBackend *blk, int64_t offset, const void *buf,
|
|
|
|
int count)
|
2015-02-05 19:58:10 +01:00
|
|
|
{
|
2016-07-22 10:17:48 +02:00
|
|
|
return blk_prw(blk, offset, (void *) buf, count, blk_write_entry,
|
|
|
|
BDRV_REQ_WRITE_COMPRESSED);
|
2015-02-05 19:58:10 +01:00
|
|
|
}
|
|
|
|
|
2019-09-18 11:51:40 +02:00
|
|
|
int blk_truncate(BlockBackend *blk, int64_t offset, bool exact,
|
|
|
|
PreallocMode prealloc, Error **errp)
|
2015-02-05 19:58:10 +01:00
|
|
|
{
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
2017-03-28 22:51:27 +02:00
|
|
|
error_setg(errp, "No medium inserted");
|
2015-10-19 17:53:26 +02:00
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2019-09-18 11:51:40 +02:00
|
|
|
return bdrv_truncate(blk->root, offset, exact, prealloc, errp);
|
2015-02-05 19:58:10 +01:00
|
|
|
}
|
|
|
|
|
2016-10-20 12:56:14 +02:00
|
|
|
static void blk_pdiscard_entry(void *opaque)
|
2015-02-05 19:58:10 +01:00
|
|
|
{
|
2016-10-20 12:56:14 +02:00
|
|
|
BlkRwCo *rwco = opaque;
|
block: Fix qemu crash when using scsi-block
Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.
blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
BlkRwCo *rwco = &acb->rwco;
rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
rwco->qiov->iov[0].iov_base); <--- qiov is
invalid here
...
In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.
The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.
Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-12-16 01:59:13 +01:00
|
|
|
QEMUIOVector *qiov = rwco->iobuf;
|
|
|
|
|
|
|
|
rwco->ret = blk_co_pdiscard(rwco->blk, rwco->offset, qiov->size);
|
block: Fix hangs in synchronous APIs with iothreads
In the block layer, synchronous APIs are often implemented by creating a
coroutine that calls the asynchronous coroutine-based implementation and
then waiting for completion with BDRV_POLL_WHILE().
For this to work with iothreads (more specifically, when the synchronous
API is called in a thread that is not the home thread of the block
device, so that the coroutine will run in a different thread), we must
make sure to call aio_wait_kick() at the end of the operation. Many
places are missing this, so that BDRV_POLL_WHILE() keeps hanging even if
the condition has long become false.
Note that bdrv_dec_in_flight() involves an aio_wait_kick() call. This
corresponds to the BDRV_POLL_WHILE() in the drain functions, but it is
generally not enough for most other operations because they haven't set
the return value in the coroutine entry stub yet. To avoid race
conditions there, we need to kick after setting the return value.
The race window is small enough that the problem doesn't usually surface
in the common path. However, it does surface and causes easily
reproducible hangs if the operation can return early before even calling
bdrv_inc/dec_in_flight, which many of them do (trivial error or no-op
success paths).
The bug in bdrv_truncate(), bdrv_check() and bdrv_invalidate_cache() is
slightly different: These functions even neglected to schedule the
coroutine in the home thread of the node. This avoids the hang, but is
obviously wrong, too. Fix those to schedule the coroutine in the right
AioContext in addition to adding aio_wait_kick() calls.
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-01-07 13:02:48 +01:00
|
|
|
aio_wait_kick();
|
2016-10-20 12:56:14 +02:00
|
|
|
}
|
2015-02-05 19:58:23 +01:00
|
|
|
|
2017-06-09 12:18:08 +02:00
|
|
|
int blk_pdiscard(BlockBackend *blk, int64_t offset, int bytes)
|
2016-10-20 12:56:14 +02:00
|
|
|
{
|
2017-06-09 12:18:08 +02:00
|
|
|
return blk_prw(blk, offset, NULL, bytes, blk_pdiscard_entry, 0);
|
2015-02-05 19:58:10 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
int blk_save_vmstate(BlockBackend *blk, const uint8_t *buf,
|
|
|
|
int64_t pos, int size)
|
|
|
|
{
|
2016-03-04 14:28:01 +01:00
|
|
|
int ret;
|
|
|
|
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2016-03-04 14:28:01 +01:00
|
|
|
ret = bdrv_save_vmstate(blk_bs(blk), buf, pos, size);
|
|
|
|
if (ret < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ret == size && !blk->enable_write_cache) {
|
|
|
|
ret = bdrv_flush(blk_bs(blk));
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret < 0 ? ret : size;
|
2015-02-05 19:58:10 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
int blk_load_vmstate(BlockBackend *blk, uint8_t *buf, int64_t pos, int size)
|
|
|
|
{
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
return bdrv_load_vmstate(blk_bs(blk), buf, pos, size);
|
2015-02-05 19:58:10 +01:00
|
|
|
}
|
2015-02-16 12:47:57 +01:00
|
|
|
|
|
|
|
int blk_probe_blocksizes(BlockBackend *blk, BlockSizes *bsz)
|
|
|
|
{
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
return bdrv_probe_blocksizes(blk_bs(blk), bsz);
|
2015-02-16 12:47:57 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
int blk_probe_geometry(BlockBackend *blk, HDGeometry *geo)
|
|
|
|
{
|
2015-10-19 17:53:26 +02:00
|
|
|
if (!blk_is_available(blk)) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
return bdrv_probe_geometry(blk_bs(blk), geo);
|
2015-02-16 12:47:57 +01:00
|
|
|
}
|
2015-10-19 17:53:24 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Updates the BlockBackendRootState object with data from the currently
|
|
|
|
* attached BlockDriverState.
|
|
|
|
*/
|
|
|
|
void blk_update_root_state(BlockBackend *blk)
|
|
|
|
{
|
2016-03-08 13:47:46 +01:00
|
|
|
assert(blk->root);
|
2015-10-19 17:53:24 +02:00
|
|
|
|
2016-03-08 13:47:46 +01:00
|
|
|
blk->root_state.open_flags = blk->root->bs->open_flags;
|
|
|
|
blk->root_state.read_only = blk->root->bs->read_only;
|
|
|
|
blk->root_state.detect_zeroes = blk->root->bs->detect_zeroes;
|
2015-10-19 17:53:24 +02:00
|
|
|
}
|
|
|
|
|
2015-10-26 21:39:07 +01:00
|
|
|
/*
|
2016-09-12 19:08:31 +02:00
|
|
|
* Returns the detect-zeroes setting to be used for bdrv_open() of a
|
|
|
|
* BlockDriverState which is supposed to inherit the root state.
|
2015-10-26 21:39:07 +01:00
|
|
|
*/
|
2016-09-12 19:08:31 +02:00
|
|
|
bool blk_get_detect_zeroes_from_root_state(BlockBackend *blk)
|
2015-10-26 21:39:07 +01:00
|
|
|
{
|
2016-09-12 19:08:31 +02:00
|
|
|
return blk->root_state.detect_zeroes;
|
2015-10-26 21:39:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Returns the flags to be used for bdrv_open() of a BlockDriverState which is
|
|
|
|
* supposed to inherit the root state.
|
|
|
|
*/
|
|
|
|
int blk_get_open_flags_from_root_state(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
int bs_flags;
|
|
|
|
|
|
|
|
bs_flags = blk->root_state.read_only ? 0 : BDRV_O_RDWR;
|
|
|
|
bs_flags |= blk->root_state.open_flags & ~BDRV_O_RDWR;
|
|
|
|
|
|
|
|
return bs_flags;
|
|
|
|
}
|
|
|
|
|
2015-10-19 17:53:24 +02:00
|
|
|
BlockBackendRootState *blk_get_root_state(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return &blk->root_state;
|
|
|
|
}
|
2016-03-16 19:54:31 +01:00
|
|
|
|
|
|
|
int blk_commit_all(void)
|
|
|
|
{
|
2016-03-16 19:54:40 +01:00
|
|
|
BlockBackend *blk = NULL;
|
|
|
|
|
|
|
|
while ((blk = blk_all_next(blk)) != NULL) {
|
|
|
|
AioContext *aio_context = blk_get_aio_context(blk);
|
|
|
|
|
|
|
|
aio_context_acquire(aio_context);
|
2016-03-08 13:47:46 +01:00
|
|
|
if (blk_is_inserted(blk) && blk->root->bs->backing) {
|
|
|
|
int ret = bdrv_commit(blk->root->bs);
|
2016-03-16 19:54:40 +01:00
|
|
|
if (ret < 0) {
|
|
|
|
aio_context_release(aio_context);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
aio_context_release(aio_context);
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-03-21 13:53:52 +01:00
|
|
|
|
|
|
|
/* throttling disk I/O limits */
|
|
|
|
void blk_set_io_limits(BlockBackend *blk, ThrottleConfig *cfg)
|
|
|
|
{
|
2017-08-25 15:20:23 +02:00
|
|
|
throttle_group_config(&blk->public.throttle_group_member, cfg);
|
2016-03-21 13:53:52 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_io_limits_disable(BlockBackend *blk)
|
|
|
|
{
|
2017-11-10 19:54:46 +01:00
|
|
|
BlockDriverState *bs = blk_bs(blk);
|
|
|
|
ThrottleGroupMember *tgm = &blk->public.throttle_group_member;
|
|
|
|
assert(tgm->throttle_state);
|
|
|
|
if (bs) {
|
|
|
|
bdrv_drained_begin(bs);
|
|
|
|
}
|
|
|
|
throttle_group_unregister_tgm(tgm);
|
|
|
|
if (bs) {
|
|
|
|
bdrv_drained_end(bs);
|
|
|
|
}
|
2016-03-21 13:53:52 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/* should be called before blk_set_io_limits if a limit is set */
|
|
|
|
void blk_io_limits_enable(BlockBackend *blk, const char *group)
|
|
|
|
{
|
2017-08-25 15:20:23 +02:00
|
|
|
assert(!blk->public.throttle_group_member.throttle_state);
|
2017-08-25 15:20:24 +02:00
|
|
|
throttle_group_register_tgm(&blk->public.throttle_group_member,
|
|
|
|
group, blk_get_aio_context(blk));
|
2016-03-21 13:53:52 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
void blk_io_limits_update_group(BlockBackend *blk, const char *group)
|
|
|
|
{
|
|
|
|
/* this BB is not part of any group */
|
2017-08-25 15:20:23 +02:00
|
|
|
if (!blk->public.throttle_group_member.throttle_state) {
|
2016-03-21 13:53:52 +01:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* this BB is a part of the same group than the one we want */
|
2017-08-25 15:20:23 +02:00
|
|
|
if (!g_strcmp0(throttle_group_get_name(&blk->public.throttle_group_member),
|
|
|
|
group)) {
|
2016-03-21 13:53:52 +01:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* need to change the group this bs belong to */
|
|
|
|
blk_io_limits_disable(blk);
|
|
|
|
blk_io_limits_enable(blk, group);
|
|
|
|
}
|
2016-03-22 12:05:35 +01:00
|
|
|
|
|
|
|
static void blk_root_drained_begin(BdrvChild *child)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
|
2017-03-16 22:23:50 +01:00
|
|
|
if (++blk->quiesce_counter == 1) {
|
|
|
|
if (blk->dev_ops && blk->dev_ops->drained_begin) {
|
|
|
|
blk->dev_ops->drained_begin(blk->dev_opaque);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-05-17 14:51:55 +02:00
|
|
|
/* Note that blk->root may not be accessible here yet if we are just
|
|
|
|
* attaching to a BlockDriverState that is drained. Use child instead. */
|
|
|
|
|
2017-08-25 15:20:23 +02:00
|
|
|
if (atomic_fetch_inc(&blk->public.throttle_group_member.io_limits_disabled) == 0) {
|
|
|
|
throttle_group_restart_tgm(&blk->public.throttle_group_member);
|
2016-03-22 12:05:35 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-09-06 17:43:49 +02:00
|
|
|
static bool blk_root_drained_poll(BdrvChild *child)
|
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
|
|
|
assert(blk->quiesce_counter);
|
|
|
|
return !!blk->in_flight;
|
|
|
|
}
|
|
|
|
|
block: Do not poll in bdrv_do_drained_end()
We should never poll anywhere in bdrv_do_drained_end() (including its
recursive callees like bdrv_drain_invoke()), because it does not cope
well with graph changes. In fact, it has been written based on the
postulation that no graph changes will happen in it.
Instead, the callers that want to poll must poll, i.e. all currently
globally available wrappers: bdrv_drained_end(),
bdrv_subtree_drained_end(), bdrv_unapply_subtree_drain(), and
bdrv_drain_all_end(). Graph changes there do not matter.
They can poll simply by passing a pointer to a drained_end_counter and
wait until it reaches 0.
This patch also adds a non-polling global wrapper for
bdrv_do_drained_end() that takes a drained_end_counter pointer. We need
such a variant because now no function called anywhere from
bdrv_do_drained_end() must poll. This includes
BdrvChildRole.drained_end(), which already must not poll according to
its interface documentation, but bdrv_child_cb_drained_end() just
violates that by invoking bdrv_drained_end() (which does poll).
Therefore, BdrvChildRole.drained_end() must take a *drained_end_counter
parameter, which bdrv_child_cb_drained_end() can pass on to the new
bdrv_drained_end_no_poll() function.
Note that we now have a pattern of all drained_end-related functions
either polling or receiving a *drained_end_counter to let the caller
poll based on that.
A problem with a single poll loop is that when the drained section in
bdrv_set_aio_context_ignore() ends, some nodes in the subgraph may be in
the old contexts, while others are in the new context already. To let
the collective poll in bdrv_drained_end() work correctly, we must not
hold a lock to the old context, so that the old context can make
progress in case it is different from the current context.
(In the process, remove the comment saying that the current context is
always the old context, because it is wrong.)
In all other places, all nodes in a subtree must be in the same context,
so we can just poll that. The exception of course is
bdrv_drain_all_end(), but that always runs in the main context, so we
can just poll NULL (like bdrv_drain_all_begin() does).
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2019-07-19 11:26:14 +02:00
|
|
|
static void blk_root_drained_end(BdrvChild *child, int *drained_end_counter)
|
2016-03-22 12:05:35 +01:00
|
|
|
{
|
|
|
|
BlockBackend *blk = child->opaque;
|
2017-03-16 22:23:50 +01:00
|
|
|
assert(blk->quiesce_counter);
|
2016-03-22 12:05:35 +01:00
|
|
|
|
2017-08-25 15:20:23 +02:00
|
|
|
assert(blk->public.throttle_group_member.io_limits_disabled);
|
|
|
|
atomic_dec(&blk->public.throttle_group_member.io_limits_disabled);
|
2017-03-16 22:23:50 +01:00
|
|
|
|
|
|
|
if (--blk->quiesce_counter == 0) {
|
|
|
|
if (blk->dev_ops && blk->dev_ops->drained_end) {
|
|
|
|
blk->dev_ops->drained_end(blk->dev_opaque);
|
|
|
|
}
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 17:46:23 +02:00
|
|
|
while (qemu_co_enter_next(&blk->queued_requests, NULL)) {
|
|
|
|
/* Resume all queued requests */
|
|
|
|
}
|
2017-03-16 22:23:50 +01:00
|
|
|
}
|
2016-03-22 12:05:35 +01:00
|
|
|
}
|
2018-01-16 07:08:56 +01:00
|
|
|
|
|
|
|
void blk_register_buf(BlockBackend *blk, void *host, size_t size)
|
|
|
|
{
|
|
|
|
bdrv_register_buf(blk_bs(blk), host, size);
|
|
|
|
}
|
|
|
|
|
|
|
|
void blk_unregister_buf(BlockBackend *blk, void *host)
|
|
|
|
{
|
|
|
|
bdrv_unregister_buf(blk_bs(blk), host);
|
|
|
|
}
|
2018-06-01 11:26:47 +02:00
|
|
|
|
|
|
|
int coroutine_fn blk_co_copy_range(BlockBackend *blk_in, int64_t off_in,
|
|
|
|
BlockBackend *blk_out, int64_t off_out,
|
2018-07-09 18:37:17 +02:00
|
|
|
int bytes, BdrvRequestFlags read_flags,
|
|
|
|
BdrvRequestFlags write_flags)
|
2018-06-01 11:26:47 +02:00
|
|
|
{
|
|
|
|
int r;
|
|
|
|
r = blk_check_byte_request(blk_in, off_in, bytes);
|
|
|
|
if (r) {
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
r = blk_check_byte_request(blk_out, off_out, bytes);
|
|
|
|
if (r) {
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
return bdrv_co_copy_range(blk_in->root, off_in,
|
|
|
|
blk_out->root, off_out,
|
2018-07-09 18:37:17 +02:00
|
|
|
bytes, read_flags, write_flags);
|
2018-06-01 11:26:47 +02:00
|
|
|
}
|
2018-12-21 18:09:07 +01:00
|
|
|
|
|
|
|
const BdrvChild *blk_root(BlockBackend *blk)
|
|
|
|
{
|
|
|
|
return blk->root;
|
|
|
|
}
|